mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2026-07-02 10:22:37 +00:00
* changes: feat(cpufeat): constrain RAS_TRAP_NS_ERR_REC_ACCESS on ENABLE_FEAT_RAS fix(build): set defaults to feature flags before platform.mk refactor(cpufeat): unify FEAT_IDTE3's definitions with arch.h refactor(el3-runtime): generalise sysreg trapping refactor(el3-runtime): use contexted SCR_EL3 instead of the register build: rename default_ones to set_ones
536 lines
17 KiB
Makefile
536 lines
17 KiB
Makefile
#
|
|
# Copyright (c) 2025-2026, Arm Limited. All rights reserved.
|
|
#
|
|
# SPDX-License-Identifier: BSD-3-Clause
|
|
#
|
|
|
|
ifneq ($(AARCH32_INSTRUCTION_SET),$(filter $(AARCH32_INSTRUCTION_SET),A32 T32))
|
|
$(error Error: Unknown AArch32 instruction set ${AARCH32_INSTRUCTION_SET})
|
|
endif
|
|
|
|
# Check for ENABLE_RME that is replaced by ENABLE_FEAT_RME
|
|
ifeq (${ENABLE_RME},1)
|
|
$(warning "ENABLE_RME will be deprecated. Use ENABLE_FEAT_RME=1 and ENABLE_RMM=1 instead.")
|
|
endif
|
|
|
|
# Make sure ENABLE_FEAT_RME configuration is valid
|
|
ifneq (${ENABLE_FEAT_RME},0)
|
|
ifneq (${SEPARATE_CODE_AND_RODATA},1)
|
|
$(error ENABLE_FEAT_RME requires SEPARATE_CODE_AND_RODATA)
|
|
endif
|
|
|
|
ifneq (${ARCH},aarch64)
|
|
$(error ENABLE_FEAT_RME requires AArch64)
|
|
endif
|
|
|
|
ifeq ($(RESET_TO_BL2),0)
|
|
ifeq ($(ENABLE_FEAT_RME),2)
|
|
$(warning ENABLE_FEAT_RME=2 forces BL2 to run at EL3 even if FEAT_RME is not present at runtime)
|
|
endif
|
|
endif
|
|
|
|
ifeq ($(SPMC_AT_EL3),1)
|
|
$(error SPMC_AT_EL3 and ENABLE_FEAT_RME cannot both be enabled.)
|
|
endif
|
|
|
|
ifneq (${SPD}, none)
|
|
ifneq (${SPD}, spmd)
|
|
$(error ENABLE_FEAT_RME is incompatible with SPD=${SPD}. Use SPD=spmd)
|
|
endif
|
|
endif
|
|
|
|
ifeq ($(SPM_MM),1)
|
|
$(error SPM_MM and ENABLE_FEAT_RME cannot both be enabled.)
|
|
endif
|
|
|
|
$(warning "FEAT_RME is an experimental feature")
|
|
else
|
|
ifeq (${ENABLE_FEAT_RME_GDI},1)
|
|
$(error ENABLE_FEAT_RME_GDI requires ENABLE_FEAT_RME)
|
|
endif
|
|
endif
|
|
|
|
# Make sure RMM configuration is valid
|
|
ifeq (${ENABLE_RMM},1)
|
|
ifneq (${ENABLE_FEAT_RME},1)
|
|
$(error ENABLE_RMM requires ENABLE_FEAT_RME=1)
|
|
endif
|
|
|
|
$(warning "RMM is an experimental feature")
|
|
endif
|
|
|
|
ifeq (${CTX_INCLUDE_EL2_REGS}, 1)
|
|
ifeq (${SPD},none)
|
|
ifeq (${ENABLE_RMM},0)
|
|
$(error CTX_INCLUDE_EL2_REGS is available only when SPD \
|
|
or RMM is enabled)
|
|
endif
|
|
endif
|
|
endif
|
|
|
|
################################################################################
|
|
# Verify RMM, FEAT_SCTLR2 and FEAT_TCR2 are enabled if FEAT_MEC is enabled.
|
|
################################################################################
|
|
|
|
ifneq (${ENABLE_FEAT_MEC},0)
|
|
ifeq (${ENABLE_RMM},0)
|
|
$(error RMM must be enabled when FEAT_MEC is enabled.)
|
|
endif
|
|
ifeq (${ENABLE_FEAT_TCR2},0)
|
|
$(error FEAT_TCR2 must be enabled when FEAT_MEC is enabled.)
|
|
endif
|
|
ifeq (${ENABLE_FEAT_SCTLR2},0)
|
|
$(error FEAT_SCTLR2 must be enabled when FEAT_MEC is enabled.)
|
|
endif
|
|
endif
|
|
|
|
# Handle all invalid build configurations with SPMD usage.
|
|
ifeq (${ENABLE_SPMD_LP}, 1)
|
|
ifneq (${SPD},spmd)
|
|
$(error Error: ENABLE_SPMD_LP requires SPD=spmd.)
|
|
endif
|
|
|
|
ifeq ($(SPMC_AT_EL3),1)
|
|
$(error SPMC at EL3 not supported when enabling SPMD Logical partitions.)
|
|
endif
|
|
endif
|
|
|
|
ifeq (${SUPPORT_SP_LIVE_ACTIVATION}, 1)
|
|
ifeq (${LFA_SUPPORT}, 0)
|
|
$(error Error: SUPPORT_SP_LIVE_ACTIVATION requires LFA_SUPPORT=1)
|
|
endif #(LFA_SUPPORT)
|
|
ifeq (${ENABLE_SPMD_LP}, 0)
|
|
$(error Error: SUPPORT_SP_LIVE_ACTIVATION requires ENABLE_SPMD_LP=1)
|
|
endif #(ENABLE_SPMD_LP)
|
|
ifeq (${SPMD_SPM_AT_SEL2},0)
|
|
$(error Error: SUPPORT_SP_LIVE_ACTIVATION requires SPMD_SPM_AT_SEL2=1)
|
|
endif #(SPMD_SPM_AT_SEL2)
|
|
$(warning SUPPORT_SP_LIVE_ACTIVATION is an experimental feature)
|
|
endif #(SUPPORT_SP_LIVE_ACTIVATION)
|
|
|
|
ifneq (${SPD},none)
|
|
ifeq (${ARCH},aarch32)
|
|
$(error "Error: SPD is incompatible with AArch32.")
|
|
endif
|
|
ifdef EL3_PAYLOAD_BASE
|
|
$(warning "SPD and EL3_PAYLOAD_BASE are incompatible build options.")
|
|
$(warning "The SPD and its BL32 companion will be present but ignored.")
|
|
endif
|
|
ifeq (${SPD},spmd)
|
|
ifeq ($(SPMD_SPM_AT_SEL2),1)
|
|
ifeq ($(SPMC_AT_EL3),1)
|
|
$(error SPM cannot be enabled in both S-EL2 and EL3.)
|
|
endif
|
|
ifeq ($(CTX_INCLUDE_SVE_REGS),1)
|
|
$(error SVE context management not needed with Hafnium SPMC.)
|
|
endif
|
|
endif
|
|
|
|
ifeq ($(SPMC_AT_EL3_SEL0_SP),1)
|
|
ifneq ($(SPMC_AT_EL3),1)
|
|
$(error SEL0 SP cannot be enabled without SPMC at EL3)
|
|
endif
|
|
endif
|
|
endif #(SPD=spmd)
|
|
endif #(SPD!=none)
|
|
|
|
# USE_DEBUGFS experimental feature recommended only in debug builds
|
|
ifeq (${USE_DEBUGFS},1)
|
|
ifeq (${DEBUG},1)
|
|
$(warning DEBUGFS experimental feature is enabled.)
|
|
else
|
|
$(warning DEBUGFS experimental, recommended in DEBUG builds ONLY)
|
|
endif
|
|
endif #(USE_DEBUGFS)
|
|
|
|
# USE_SPINLOCK_CAS requires AArch64 build
|
|
ifeq (${USE_SPINLOCK_CAS},1)
|
|
ifneq (${ARCH},aarch64)
|
|
$(error USE_SPINLOCK_CAS requires AArch64)
|
|
endif
|
|
endif #(USE_SPINLOCK_CAS)
|
|
|
|
ifdef EL3_PAYLOAD_BASE
|
|
ifdef PRELOADED_BL33_BASE
|
|
$(warning "PRELOADED_BL33_BASE and EL3_PAYLOAD_BASE are \
|
|
incompatible build options. EL3_PAYLOAD_BASE has priority.")
|
|
endif
|
|
ifneq (${GENERATE_COT},0)
|
|
$(error "GENERATE_COT and EL3_PAYLOAD_BASE are incompatible \
|
|
build options.")
|
|
endif
|
|
ifneq (${TRUSTED_BOARD_BOOT},0)
|
|
$(error "TRUSTED_BOARD_BOOT and EL3_PAYLOAD_BASE are \
|
|
incompatible \ build options.")
|
|
endif
|
|
endif #(EL3_PAYLOAD_BASE)
|
|
|
|
ifeq (${NEED_BL33},yes)
|
|
ifdef EL3_PAYLOAD_BASE
|
|
$(warning "BL33 image is not needed when option \
|
|
BL33_PAYLOAD_BASE is used and won't be added to the FIP file.")
|
|
endif
|
|
ifdef PRELOADED_BL33_BASE
|
|
$(warning "BL33 image is not needed when option \
|
|
PRELOADED_BL33_BASE is used and won't be added to the FIP file.")
|
|
endif
|
|
endif #(NEED_BL33)
|
|
|
|
# When building for systems with hardware-assisted coherency, there's no need to
|
|
# use USE_COHERENT_MEM. Require that USE_COHERENT_MEM must be set to 0 too.
|
|
ifeq ($(HW_ASSISTED_COHERENCY)-$(USE_COHERENT_MEM),1-1)
|
|
$(error USE_COHERENT_MEM cannot be enabled with HW_ASSISTED_COHERENCY)
|
|
endif
|
|
|
|
#For now, BL2_IN_XIP_MEM is only supported when RESET_TO_BL2 is 1.
|
|
ifeq ($(RESET_TO_BL2)-$(BL2_IN_XIP_MEM),0-1)
|
|
$(error "BL2_IN_XIP_MEM is only supported when RESET_TO_BL2 is enabled")
|
|
endif
|
|
|
|
# RAS_EXTENSION is deprecated, provide alternate build options
|
|
ifeq ($(RAS_EXTENSION),1)
|
|
$(error "RAS_EXTENSION is now deprecated, please use ENABLE_FEAT_RAS \
|
|
and HANDLE_EA_EL3_FIRST_NS instead")
|
|
endif
|
|
|
|
ifeq ($(ENABLE_FEAT_RAS),0)
|
|
ifneq ($(FAULT_INJECTION_SUPPORT),0)
|
|
$(error For FAULT_INJECTION_SUPPORT, ENABLE_FEAT_RAS must not be 0)
|
|
endif
|
|
ifneq ($(RAS_TRAP_NS_ERR_REC_ACCESS),0)
|
|
$(error For RAS_TRAP_NS_ERR_REC_ACCESS, ENABLE_FEAT_RAS must not be 0)
|
|
endif
|
|
endif #(ENABLE_FEAT_RAS)
|
|
|
|
# DYN_DISABLE_AUTH can be set only when TRUSTED_BOARD_BOOT=1
|
|
ifeq ($(DYN_DISABLE_AUTH), 1)
|
|
ifeq (${TRUSTED_BOARD_BOOT}, 0)
|
|
$(error "TRUSTED_BOARD_BOOT must be enabled for DYN_DISABLE_AUTH \
|
|
to be set.")
|
|
endif
|
|
endif #(DYN_DISABLE_AUTH)
|
|
|
|
# SDEI_IN_FCONF is only supported when SDEI_SUPPORT is enabled.
|
|
ifeq ($(SDEI_SUPPORT)-$(SDEI_IN_FCONF),0-1)
|
|
$(error "SDEI_IN_FCONF is only supported when SDEI_SUPPORT is enabled")
|
|
endif
|
|
|
|
# If pointer authentication is used in the firmware, make sure that all the
|
|
# registers associated to it are also saved and restored.
|
|
# Not doing it would leak the value of the keys used by EL3 to EL1 and S-EL1.
|
|
ifneq ($(ENABLE_PAUTH),0)
|
|
ifeq ($(CTX_INCLUDE_PAUTH_REGS),0)
|
|
$(error Pointer Authentication requires CTX_INCLUDE_PAUTH_REGS to be enabled)
|
|
endif
|
|
endif #(ENABLE_PAUTH)
|
|
|
|
ifneq ($(CTX_INCLUDE_PAUTH_REGS),0)
|
|
ifneq (${ARCH},aarch64)
|
|
$(error CTX_INCLUDE_PAUTH_REGS requires AArch64)
|
|
endif
|
|
endif #(CTX_INCLUDE_PAUTH_REGS)
|
|
|
|
# Check ENABLE_FEAT_PAUTH_LR
|
|
ifneq (${ENABLE_FEAT_PAUTH_LR},0)
|
|
|
|
# Make sure PAUTH is enabled
|
|
ifeq (${ENABLE_PAUTH},0)
|
|
$(error Error: PAUTH_LR cannot be used without PAUTH (see BRANCH_PROTECTION))
|
|
endif
|
|
|
|
# Make sure SCTLR2 is enabled
|
|
ifeq (${ENABLE_FEAT_SCTLR2},0)
|
|
$(error Error: PAUTH_LR cannot be used without ENABLE_FEAT_SCTLR2)
|
|
endif
|
|
|
|
ifneq (${ENABLE_FEAT_HACDBS},0)
|
|
ifeq (${ENABLE_FEAT_HDBSS},0)
|
|
$(error ENABLE_FEAT_HACDBS requires ENABLE_FEAT_HDBSS)
|
|
endif
|
|
endif
|
|
|
|
# FEAT_PAUTH_LR is only supported in aarch64 state
|
|
ifneq (${ARCH},aarch64)
|
|
$(error ENABLE_FEAT_PAUTH_LR requires AArch64)
|
|
endif
|
|
|
|
endif # ${ENABLE_FEAT_PAUTH_LR}
|
|
|
|
ifeq ($(FIRME_SUPPORT),1)
|
|
$(info FIRME_SUPPORT is an experimental feature)
|
|
endif #(FIRME_SUPPORT)
|
|
|
|
ifneq ($(ENABLE_SME2_FOR_NS), 0)
|
|
ifeq (${ENABLE_SME_FOR_NS}, 0)
|
|
$(warning "ENABLE_SME2_FOR_NS requires ENABLE_SME_FOR_NS also \
|
|
to be set")
|
|
$(warning "Forced ENABLE_SME_FOR_NS=1")
|
|
override ENABLE_SME_FOR_NS := 1
|
|
endif
|
|
endif #(ENABLE_SME2_FOR_NS)
|
|
|
|
ifeq (${ARM_XLAT_TABLES_LIB_V1}, 1)
|
|
ifeq (${ALLOW_RO_XLAT_TABLES}, 1)
|
|
$(error "ALLOW_RO_XLAT_TABLES requires translation tables \
|
|
library v2")
|
|
endif
|
|
|
|
ifneq (${ENABLE_FEAT_RME},0)
|
|
$(error "ENABLE_FEAT_RME requires version 2 of the Translation \
|
|
Tables Library")
|
|
endif
|
|
endif #(ARM_XLAT_TABLES_LIB_V1)
|
|
|
|
ifneq (${DECRYPTION_SUPPORT},none)
|
|
ifeq (${TRUSTED_BOARD_BOOT}, 0)
|
|
$(error TRUSTED_BOARD_BOOT must be enabled for DECRYPTION_SUPPORT \
|
|
to be set)
|
|
endif
|
|
endif #(DECRYPTION_SUPPORT)
|
|
|
|
# Ensure that no Aarch64-only features are enabled in Aarch32 build
|
|
ifeq (${ARCH},aarch32)
|
|
ifneq (${ENABLE_LTO},0)
|
|
$(error "ENABLE_LTO is not supported with ARCH=aarch32")
|
|
endif
|
|
ifneq (${EL3_EXCEPTION_HANDLING},0)
|
|
$(error "EL3_EXCEPTION_HANDLING is not supported outside BL31")
|
|
endif
|
|
|
|
ifeq (${CRASH_REPORTING},1)
|
|
$(error "CRASH_REPORTING is not supported with ARCH=aarch32")
|
|
endif
|
|
|
|
# SME/SVE only supported on AArch64
|
|
ifneq (${ENABLE_SME_FOR_NS},0)
|
|
$(error "ENABLE_SME_FOR_NS cannot be used with ARCH=aarch32")
|
|
endif
|
|
|
|
ifneq (${ENABLE_SVE_FOR_NS},0)
|
|
$(error "ENABLE_SVE_FOR_NS cannot be used with ARCH=aarch32")
|
|
endif
|
|
|
|
ifneq (${ENABLE_SPE_FOR_NS},0)
|
|
$(error "ENABLE_SPE_FOR_NS cannot be used with ARCH=aarch32")
|
|
endif
|
|
|
|
# BRBE is not supported in AArch32
|
|
ifneq (${ENABLE_BRBE_FOR_NS},0)
|
|
$(error "ENABLE_BRBE_FOR_NS cannot be used with ARCH=aarch32")
|
|
endif
|
|
|
|
# FEAT_RNG_TRAP is not supported in AArch32
|
|
ifneq (${ENABLE_FEAT_RNG_TRAP},0)
|
|
$(error "ENABLE_FEAT_RNG_TRAP cannot be used with ARCH=aarch32")
|
|
endif
|
|
|
|
ifneq (${ENABLE_FEAT_FPMR},0)
|
|
$(error "ENABLE_FEAT_FPMR cannot be used with ARCH=aarch32")
|
|
endif
|
|
|
|
ifeq (${ARCH_FEATURE_AVAILABILITY},1)
|
|
$(error "ARCH_FEATURE_AVAILABILITY cannot be used with ARCH=aarch32")
|
|
endif
|
|
# FEAT_MOPS is only supported on AArch64
|
|
ifneq (${ENABLE_FEAT_MOPS},0)
|
|
$(error "ENABLE_FEAT_MOPS cannot be used with ARCH=aarch32")
|
|
endif
|
|
ifneq (${ENABLE_FEAT_GCIE},0)
|
|
$(error "ENABLE_FEAT_GCIE cannot be used with ARCH=aarch32")
|
|
endif
|
|
ifneq (${ENABLE_FEAT_CPA2},0)
|
|
$(error "ENABLE_FEAT_CPA2 cannot be used with ARCH=aarch32")
|
|
endif
|
|
ifneq (${USE_SPINLOCK_CAS},0)
|
|
$(error "USE_SPINLOCK_CAS is not supported with ARCH=aarch32")
|
|
endif
|
|
ifneq (${PLATFORM_NODE_COUNT},1)
|
|
$(error "NUMA AWARE PER CPU is not supported with ARCH=aarch32")
|
|
endif
|
|
ifeq (${ENABLE_FEAT_CRYPTO},1)
|
|
$(error "ENABLE_FEAT_CRYPTO cannot be used with ARCH=aarch32")
|
|
endif
|
|
ifeq (${ENABLE_FEAT_CRYPTO_SHA3},1)
|
|
$(error "ENABLE_FEAT_CRYPTO_SHA3 cannot be used with ARCH=aarch32")
|
|
endif
|
|
ifneq (${ENABLE_FEAT_MPAM},0)
|
|
$(error "ENABLE_FEAT_MPAM cannot be used with ARCH=aarch32")
|
|
endif
|
|
ifneq (${ENABLE_FEAT_UINJ},0)
|
|
$(error "ENABLE_FEAT_UINJ cannot be used with ARCH=aarch32")
|
|
endif
|
|
ifneq (${ENABLE_FEAT_STEP2},0)
|
|
$(error "ENABLE_FEAT_STEP2 cannot be used with ARCH=aarch32")
|
|
endif
|
|
ifneq (${ENABLE_FEAT_HDBSS},0)
|
|
$(error "ENABLE_FEAT_HDBSS cannot be used with ARCH=aarch32")
|
|
endif
|
|
ifneq (${ENABLE_FEAT_HACDBS},0)
|
|
$(error "ENABLE_FEAT_HACDBS cannot be used with ARCH=aarch32")
|
|
endif
|
|
endif #(ARCH=aarch32)
|
|
|
|
ifneq (${ENABLE_FEAT_FPMR},0)
|
|
ifeq (${ENABLE_FEAT_FGT},0)
|
|
$(error "ENABLE_FEAT_FPMR requires ENABLE_FEAT_FGT")
|
|
endif
|
|
ifeq (${ENABLE_FEAT_HCX},0)
|
|
$(error "ENABLE_FEAT_FPMR requires ENABLE_FEAT_HCX")
|
|
endif
|
|
endif #(ENABLE_FEAT_FPMR)
|
|
|
|
ifneq (${ENABLE_FEAT_CPA2},0)
|
|
ifeq (${ENABLE_FEAT_SCTLR2},0)
|
|
$(error "Error: ENABLE_FEAT_CPA2 cannot be used without ENABLE_FEAT_SCTLR2")
|
|
endif
|
|
endif #${ENABLE_FEAT_CPA2}
|
|
|
|
ifneq (${ENABLE_SME_FOR_NS},0)
|
|
ifeq (${ENABLE_SVE_FOR_NS},0)
|
|
$(error "ENABLE_SME_FOR_NS requires ENABLE_SVE_FOR_NS")
|
|
endif
|
|
endif #(ENABLE_SME_FOR_NS)
|
|
|
|
# Secure SME/SVE requires the non-secure component as well
|
|
ifeq (${ENABLE_SME_FOR_SWD},1)
|
|
ifeq (${ENABLE_SME_FOR_NS},0)
|
|
$(error "ENABLE_SME_FOR_SWD requires ENABLE_SME_FOR_NS")
|
|
endif
|
|
ifeq (${ENABLE_SVE_FOR_SWD},0)
|
|
$(error "ENABLE_SME_FOR_SWD requires ENABLE_SVE_FOR_SWD")
|
|
endif
|
|
endif #(ENABLE_SME_FOR_SWD)
|
|
|
|
# Enabling SVE for SWD requires enabling SVE for NWD due to ENABLE_FEAT
|
|
# mechanism.
|
|
ifeq (${ENABLE_SVE_FOR_SWD},1)
|
|
ifeq (${ENABLE_SVE_FOR_NS},0)
|
|
$(error "ENABLE_SVE_FOR_SWD requires ENABLE_SVE_FOR_NS")
|
|
endif
|
|
endif
|
|
|
|
# Enabling FEAT_MOPS requires access to hcrx_el2 registers which is
|
|
# available only when FEAT_HCX is enabled.
|
|
ifneq (${ENABLE_FEAT_MOPS},0)
|
|
ifeq (${ENABLE_FEAT_HCX},0)
|
|
$(error "ENABLE_FEAT_MOPS requires ENABLE_FEAT_HCX")
|
|
endif
|
|
endif
|
|
|
|
# Enabling SVE for both the worlds typically requires the context
|
|
# management of SVE registers. The only exception being SPMC at S-EL2.
|
|
ifeq (${ENABLE_SVE_FOR_SWD}, 1)
|
|
ifneq (${ENABLE_SVE_FOR_NS}, 0)
|
|
ifeq (${CTX_INCLUDE_SVE_REGS}-$(SPMD_SPM_AT_SEL2),0-0)
|
|
$(warning "ENABLE_SVE_FOR_SWD and ENABLE_SVE_FOR_NS together require CTX_INCLUDE_SVE_REGS")
|
|
endif
|
|
endif
|
|
endif
|
|
|
|
# Enabling SHA3 requires regular Crypto extension to be enabled
|
|
ifeq (${ENABLE_FEAT_CRYPTO_SHA3}, 1)
|
|
ifeq (${ENABLE_FEAT_CRYPTO}, 0)
|
|
$(error "ENABLE_FEAT_CRYPTO_SHA3 requires ENABLE_FEAT_CRYPTO")
|
|
endif
|
|
endif
|
|
|
|
ifeq (${ENABLE_FEAT_CRYPTO_SHA3}, 2)
|
|
$(warning "ENABLE_FEAT_CRYPTO_SHA3 does not have any effect when set to 2")
|
|
endif
|
|
|
|
ifeq (${ENABLE_FEAT_CRYPTO}, 2)
|
|
$(warning "ENABLE_FEAT_CRYPTO does not have any effect when set to 2")
|
|
endif
|
|
|
|
# Enabling SVE in either world while enabling CTX_INCLUDE_FPREGS requires
|
|
# CTX_INCLUDE_SVE_REGS to be enabled due to architectural dependency between FP
|
|
# and SVE registers.
|
|
ifeq (${CTX_INCLUDE_FPREGS}, 1)
|
|
ifneq (${ENABLE_SVE_FOR_NS},0)
|
|
ifeq (${CTX_INCLUDE_SVE_REGS},0)
|
|
# Warning instead of error due to CI dependency on this
|
|
$(warning "CTX_INCLUDE_FPREGS and ENABLE_SVE_FOR_NS together require CTX_INCLUDE_SVE_REGS")
|
|
$(warning "Forced ENABLE_SVE_FOR_NS=0")
|
|
override ENABLE_SVE_FOR_NS := 0
|
|
endif
|
|
endif
|
|
endif #(CTX_INCLUDE_FPREGS)
|
|
|
|
# SVE context management is only required if secure world has access to SVE/FP
|
|
# functionality.
|
|
# Enabling CTX_INCLUDE_SVE_REGS requires CTX_INCLUDE_FPREGS to be enabled due
|
|
# to architectural dependency between FP and SVE registers.
|
|
ifeq (${CTX_INCLUDE_SVE_REGS},1)
|
|
ifeq (${ENABLE_SVE_FOR_SWD},0)
|
|
$(error "CTX_INCLUDE_SVE_REGS requires ENABLE_SVE_FOR_SWD to also be enabled")
|
|
endif
|
|
ifeq (${CTX_INCLUDE_FPREGS},0)
|
|
$(error "CTX_INCLUDE_SVE_REGS requires CTX_INCLUDE_FPREGS to also be enabled")
|
|
endif #(CTX_INCLUDE_FPREGS)
|
|
endif #(CTX_INCLUDE_SVE_REGS)
|
|
|
|
# SME cannot be used with CTX_INCLUDE_FPREGS since SPM does its own context
|
|
# management including FPU registers.
|
|
ifeq (${CTX_INCLUDE_FPREGS},1)
|
|
ifneq (${ENABLE_SME_FOR_NS},0)
|
|
$(error "ENABLE_SME_FOR_NS cannot be used with CTX_INCLUDE_FPREGS")
|
|
endif
|
|
endif #(CTX_INCLUDE_FPREGS)
|
|
|
|
ifeq ($(DRTM_SUPPORT),1)
|
|
$(info DRTM_SUPPORT is an experimental feature)
|
|
endif
|
|
|
|
ifeq (${HOB_LIST},1)
|
|
$(warning HOB_LIST is an experimental feature)
|
|
endif
|
|
|
|
ifeq (${TRANSFER_LIST},1)
|
|
$(info TRANSFER_LIST is an experimental feature)
|
|
endif
|
|
|
|
ifeq ($(PSA_CRYPTO),1)
|
|
$(info PSA_CRYPTO is an experimental feature)
|
|
endif
|
|
|
|
ifeq ($(DICE_PROTECTION_ENVIRONMENT),1)
|
|
$(info DICE_PROTECTION_ENVIRONMENT is an experimental feature)
|
|
endif
|
|
|
|
ifeq (${LFA_SUPPORT},1)
|
|
$(warning LFA_SUPPORT is an experimental feature)
|
|
endif #(LFA_SUPPORT)
|
|
|
|
ifneq (${ENABLE_FEAT_MPAM_PE_BW_CTRL},0)
|
|
ifeq (${ENABLE_FEAT_MPAM},0)
|
|
$(error "ENABLE_FEAT_MPAM_PW_BW_CTRL requires ENABLE_FEAT_MPAM")
|
|
endif
|
|
endif #(ENABLE_FEAT_MPAM_PE_BW_CTRL)
|
|
|
|
ifneq (${DYNAMIC_WORKAROUND_CVE_2018_3639},0)
|
|
ifeq (${WORKAROUND_CVE_2018_3639},0)
|
|
$(error Error: WORKAROUND_CVE_2018_3639 must be 1 if DYNAMIC_WORKAROUND_CVE_2018_3639 is 1)
|
|
endif
|
|
endif
|
|
|
|
ifneq ($(ENABLE_FEAT_MORELLO),0)
|
|
ifneq ($($(ARCH)-cc-id),llvm-clang)
|
|
$(error ENABLE_FEAT_MORELLO requires Clang toolchain)
|
|
endif
|
|
$(warning Morello capability is an experimental feature)
|
|
endif
|
|
|
|
# Handle all deprecated build options.
|
|
ifeq (${ERROR_DEPRECATED}, 1)
|
|
ifneq (${NS_TIMER_SWITCH},0)
|
|
$(error "NS_TIMER_SWITCH breaks Linux preemption model, hence deprecated")
|
|
endif
|
|
ifneq (${SPM_MM},0)
|
|
$(error "SPM_MM build option is deprecated")
|
|
endif
|
|
endif
|
|
|
|
ifneq (${ENABLE_FEAT_IDTE3},0)
|
|
$(info FEAT_IDTE3 is an experimental feature)
|
|
endif #(ENABLE_FEAT_IDTE3)
|