#=========================================================================== # Copyright (c) 2011-2016, 2017 QUALCOMM Technologies Incorporated. # All Rights Reserved. # Qualcomm Confidential and Proprietary #=========================================================================== # # # GENERAL DESCRIPTION # build script # EDIT HISTORY FOR FILE # # This section contains comments describing changes made to the module. # Notice that changes are listed in reverse chronological order. # # when who what, where, why # -------- --- --------------------------------------------------------- # #=============================================================================== # Import the SCons environment passed by the SConstruct to facilitate # TA compilation. Import('env') import os # Cloning the passed SCons construction environment since changing the # environment may interfere with subsequent TA compilations. env = env.Clone() #------------------------------------------------------------------------------- # Source PATH #------------------------------------------------------------------------------- env['APP_NAME'] = 'skpm' TZ_CHIPSET = os.environ.get('TZ_CHIPSET', 'Unknown') PLATFORM_VER = os.environ.get('PLATFORM_VER', 'Unknown') MEMORY_ALLOC = os.environ.get('MEMORY_ALLOC', 'USE_COMPILER_MEMORY_ALLOC') USE_SCRYPTO = os.environ.get('USE_SCRYPTO', 'False') SCRYPTO_VER = os.environ.get('SCRYPTO_VER', 'Unknown') SUPPORT_GUARDIAN_M = os.environ.get('SUPPORT_GUARDIAN_M', 'False') SUPPORT_NEW_TA_BUILD = os.environ.get('SUPPORT_NEW_TA_BUILD', 'False') print('*****************************') print('TZ_CHIPSET : ' + TZ_CHIPSET) print('*****************************') print('PLATFORM_VER : ' + PLATFORM_VER) print('*****************************') print('MEMORY_ALLOC : ' + MEMORY_ALLOC) print('*****************************') print('USE_SCRYPTO : ' + USE_SCRYPTO) print('*****************************') print('SCRYPTO_VER : ' + SCRYPTO_VER) print('*****************************') print('SUPPORT_GUARDIAN_M : ' + SUPPORT_GUARDIAN_M) print('*****************************') print('SUPPORT_NEW_TA_BUILD : ' + SUPPORT_NEW_TA_BUILD) print('*****************************') env.Append(CPPDEFINES = [ "SKPM", "USE_QSEE", # "DEBUG_LOW", ]) env.Append(CPPDEFINES = [ TZ_CHIPSET.upper(), ]) env.Append(CPPDEFINES = [ "TZ_CHIPSET=\\\"%s\\\"" % TZ_CHIPSET, ]) if PLATFORM_VER == 'T': env.Append(CPPDEFINES = [ "TIZEN", ]) if SUPPORT_GUARDIAN_M == 'True': env.Append(CPPDEFINES = [ "SUPPORT_GUARDIAN_M", ]) env.Append(CPPDEFINES = [ MEMORY_ALLOC, ]) if SUPPORT_NEW_TA_BUILD == 'true': env.Append(CPPDEFINES = [ "SECBOOT_OEM_SECAPP", "USE_ALT_ROTHASH", ]) if env.has_key('USES_NO_CP'): env.Append(CCFLAGS = ' -DUSES_NO_CP ') #------------------------------------------------------------------------------ # We need to specify "neon" to generate SIMD instructions in 32-bit mode #------------------------------------------------------------------------------ #if env['PROC'] == 'scorpion': # env.Append(CCFLAGS = " -mfpu=neon ") #------------------------------------------------------------------------------- # Compiler, object, and linker definitions #------------------------------------------------------------------------------- # do not generate thumb code for inline assembler code #env.Append(ARMCC_OPT = ' -marm') env.Append(CFLAGS = ' -fstack-protector -fstack-protector-all') env.Append(CCFLAGS=' -g0') env.Append(LINKFLAGS=' -s') env.Append(LINKFLAGS=' -no-threads ') includes = [ "${SDK_ROOT}/inc/qsee/", "include", "include/iso7816", "include/crypto", "include/skpm", "include/swbc", ] if SUPPORT_GUARDIAN_M == 'True': includes = includes + [ "include/guardianM", ] if USE_SCRYPTO == 'True': env.Append(CPPDEFINES = [ "USE_SCRYPTO", ]) if SCRYPTO_VER == '2.6': includes = includes + [ "include/crypto/scrypto/2.6", ] elif SCRYPTO_VER == '2.5': includes = includes + [ "include/crypto/scrypto/2.5", ] else: includes = includes + [ "include/crypto/scrypto/2.4", ] else: env.Append(CPPDEFINES = [ "CTR_DRBG_DYNAMIC_BUFFERS", "QSEE", "LOCAL_STD_LIB", "CRYPTO_CORE", "NO_SYS_TYPES_H", "OPENSSL_NO_LOCKING", "OPENSSL_NO_ENGINE", "OPENSSL_NO_DSA", "OPENSSL_NO_DH", "OPENSSL_NO_STDIO", "GETPID_IS_MEANINGLESS", "OPENSSL_NO_CMS", "OPENSSL_EXPORT_VAR_AS_FUNCTION", "SWD", "QSEE_SWD", "OPENSSL_NO_ASM", ]) includes = includes + [ "include/crypto/cryptocore", "src/common/crypto", ] #---------------------------------------------------------------------------- # App core Objects #---------------------------------------------------------------------------- if USE_SCRYPTO == 'True': crypto_sources = [ 'src/common/crypto/platform/qsee.c', 'src/common/crypto/crypto_module.c', 'src/common/crypto/openssl/aes/aes_ccm.c', 'src/common/crypto/openssl/ec/ec_print.c', ] else: crypto_sources = [ 'src/common/crypto/platform/qsee.c', 'src/common/crypto/crypto_module.c', 'src/common/crypto/crypto_core_init.c', 'src/common/crypto/cryptolib_init.c', 'src/common/crypto/cryptolib_ver.c', 'src/common/crypto/pd_rand/pd_rand.c', 'src/common/crypto/rand/cc_rand.c', 'src/common/crypto/drbg/ctr_drbg.c', 'src/common/crypto/drbg/ctr_drbg_raw.c', 'src/common/crypto/drbg/ctr_drbg_ossl.c', 'src/common/crypto/libc_functions/libc_functions.c', 'src/common/crypto/openssl/mem_clr.c', 'src/common/crypto/openssl/ecdh/ech_ossl.c', 'src/common/crypto/openssl/ecdh/ech_lib.c', 'src/common/crypto/openssl/ecdh/ech_key.c', 'src/common/crypto/openssl/sha/sha256.c', 'src/common/crypto/openssl/sha/sha512.c', 'src/common/crypto/openssl/sha/sha1dgst.c', 'src/common/crypto/openssl/sha/sha1_one.c', 'src/common/crypto/openssl/sha/sha_one.c', 'src/common/crypto/openssl/sha/sha_dgst.c', 'src/common/crypto/openssl/lhash/lhash.c', 'src/common/crypto/openssl/modes/gcm128.c', 'src/common/crypto/openssl/modes/cfb128.c', 'src/common/crypto/openssl/modes/ofb128.c', 'src/common/crypto/openssl/modes/cts128.c', 'src/common/crypto/openssl/modes/ctr128.c', 'src/common/crypto/openssl/modes/cbc128.c', 'src/common/crypto/openssl/modes/ccm128.c', 'src/common/crypto/openssl/modes/xts128.c', 'src/common/crypto/openssl/asn1/a_object.c', 'src/common/crypto/openssl/asn1/tasn_utl.c', 'src/common/crypto/openssl/asn1/tasn_dec.c', 'src/common/crypto/openssl/asn1/a_dup.c', 'src/common/crypto/openssl/asn1/a_type.c', 'src/common/crypto/openssl/asn1/tasn_fre.c', 'src/common/crypto/openssl/asn1/tasn_enc.c', 'src/common/crypto/openssl/asn1/tasn_typ.c', 'src/common/crypto/openssl/asn1/x_algor.c', 'src/common/crypto/openssl/asn1/a_int.c', 'src/common/crypto/openssl/asn1/x_attrib.c', 'src/common/crypto/openssl/asn1/x_sig.c', 'src/common/crypto/openssl/asn1/a_bitstr.c', 'src/common/crypto/openssl/asn1/x_bignum.c', 'src/common/crypto/openssl/asn1/asn1_lib.c', 'src/common/crypto/openssl/asn1/tasn_new.c', 'src/common/crypto/openssl/bn/bn_word.c', 'src/common/crypto/openssl/bn/bn_recp.c', 'src/common/crypto/openssl/bn/bn_mpi.c', 'src/common/crypto/openssl/bn/bn_mod.c', 'src/common/crypto/openssl/bn/bn_print.c', 'src/common/crypto/openssl/bn/bn_const.c', 'src/common/crypto/openssl/bn/bn_sqr.c', 'src/common/crypto/openssl/bn/bn_asm.c', 'src/common/crypto/openssl/bn/bn_div.c', 'src/common/crypto/openssl/bn/bn_prime.c', 'src/common/crypto/openssl/bn/bn_mul.c', 'src/common/crypto/openssl/bn/bn_add.c', 'src/common/crypto/openssl/bn/bn_mont.c', 'src/common/crypto/openssl/bn/bn_rand.c', 'src/common/crypto/openssl/bn/bn_gcd.c', 'src/common/crypto/openssl/bn/bn_exp.c', 'src/common/crypto/openssl/bn/bn_shift.c', 'src/common/crypto/openssl/bn/bn_nist.c', 'src/common/crypto/openssl/bn/bn_blind.c', 'src/common/crypto/openssl/bn/bn_kron.c', 'src/common/crypto/openssl/bn/bn_lib.c', 'src/common/crypto/openssl/bn/bn_sqrt.c', 'src/common/crypto/openssl/bn/bn_ctx.c', 'src/common/crypto/openssl/ecdsa/ecs_lib.c', 'src/common/crypto/openssl/ecdsa/ecs_ossl.c', 'src/common/crypto/openssl/ecdsa/ecs_sign.c', 'src/common/crypto/openssl/ecdsa/ecs_vrf.c', 'src/common/crypto/openssl/ecdsa/ecs_asn1.c', 'src/common/crypto/openssl/aes/aes_cbc.c', 'src/common/crypto/openssl/aes/aes_ccm.c', 'src/common/crypto/openssl/aes/aes_cfb.c', 'src/common/crypto/openssl/aes/aes_core.c', 'src/common/crypto/openssl/aes/aes_ctr.c', 'src/common/crypto/openssl/aes/aes_ecb.c', 'src/common/crypto/openssl/aes/aes_ige.c', 'src/common/crypto/openssl/aes/aes_misc.c', 'src/common/crypto/openssl/aes/aes_ofb.c', 'src/common/crypto/openssl/aes/aes_wrap.c', 'src/common/crypto/openssl/ex_data.c', 'src/common/crypto/openssl/evp/m_sha1.c', 'src/common/crypto/openssl/evp/e_aes.c', 'src/common/crypto/openssl/evp/digest.c', 'src/common/crypto/openssl/evp/c_all.c', 'src/common/crypto/openssl/evp/c_allc.c', 'src/common/crypto/openssl/evp/names.c', 'src/common/crypto/openssl/evp/p_lib.c', 'src/common/crypto/openssl/evp/evp_lib.c', 'src/common/crypto/openssl/evp/pmeth_gn.c', 'src/common/crypto/openssl/evp/c_alld.c', 'src/common/crypto/openssl/evp/pmeth_lib.c', 'src/common/crypto/openssl/evp/evp_enc.c', 'src/common/crypto/openssl/hmac/hmac.c', 'src/common/crypto/openssl/stack/stack.c', 'src/common/crypto/openssl/buffer/buffer.c', 'src/common/crypto/openssl/objects/obj_dat.c', 'src/common/crypto/openssl/objects/o_names.c', 'src/common/crypto/openssl/objects/obj_lib.c', 'src/common/crypto/openssl/bio/b_print.c', 'src/common/crypto/openssl/cryptlib.c', 'src/common/crypto/openssl/rand/rand_lib.c', 'src/common/crypto/openssl/rand/rand_poll_target.c', 'src/common/crypto/openssl/rand/md_rand.c', 'src/common/crypto/openssl/mem.c', 'src/common/crypto/openssl/rsa/rsa_pmeth.c', 'src/common/crypto/openssl/rsa/rsa_err.c', 'src/common/crypto/openssl/rsa/rsa_pk1.c', 'src/common/crypto/openssl/rsa/rsa_oaep.c', 'src/common/crypto/openssl/rsa/rsa_gen.c', 'src/common/crypto/openssl/rsa/rsa_x931.c', 'src/common/crypto/openssl/rsa/rsa_none.c', 'src/common/crypto/openssl/rsa/rsa_sign.c', 'src/common/crypto/openssl/rsa/rsa_crpt.c', 'src/common/crypto/openssl/rsa/rsa_ssl.c', 'src/common/crypto/openssl/rsa/rsa_eay.c', 'src/common/crypto/openssl/rsa/rsa_saos.c', 'src/common/crypto/openssl/rsa/rsa_pss.c', 'src/common/crypto/openssl/rsa/rsa_chk.c', 'src/common/crypto/openssl/rsa/rsa_lib.c', 'src/common/crypto/openssl/ec/ec_pmeth.c', 'src/common/crypto/openssl/ec/ec_lib.c', 'src/common/crypto/openssl/ec/ecp_oct.c', 'src/common/crypto/openssl/ec/ec_mult.c', 'src/common/crypto/openssl/ec/ec_key.c', 'src/common/crypto/openssl/ec/ec_oct.c', 'src/common/crypto/openssl/ec/ecp_smpl.c', 'src/common/crypto/openssl/ec/ec_cvt.c', 'src/common/crypto/openssl/ec/ec_curve.c', 'src/common/crypto/openssl/ec/ec_print.c', 'src/common/crypto/openssl/ec/ecp_nist.c', 'src/common/crypto/openssl/ec/ecp_nistputil.c', 'src/common/crypto/openssl/ec/ecp_nistp256.c', 'src/common/crypto/openssl/ec/ecp_mont.c', 'src/common/crypto/openssl/o_init.c', 'src/common/crypto/openssl/err/err.c', ] swbc_sources = [ 'src/common/swbc/aes128-swbc-layer1-cbc.c', 'src/common/swbc/swbc-aes.c', 'src/common/swbc/swbc-utils.c', ] app_core_sources = [ 'src/common/skpm/skpm.c', 'src/common/skpm/skpm_tls.c', 'src/common/skpm/skpm_util.c', 'src/common/skpm/skpm_test.c', 'src/common/skpm/debug.c', 'src/common/skpm/skpm_crypto_util.c', 'src/common/skpm/skpm_cmd_handler.c', 'src/common/skpm/skpm_service_key.c', 'src/qsee/tlSkpm.c', ] user_static_lib = [ ] if SUPPORT_GUARDIAN_M == 'True': user_static_lib += [ File(os.getenv("GUARDIANM_LIB")), ] if USE_SCRYPTO == 'True': user_static_lib += [ File(os.getenv("SCRYPTO_LIB_FILE")), ] build_id = env['SHORT_BUILDPATH'] fips_tools_script = os.getenv("FIPS_TOOLS_SCRIPT") QSAPPS_DIR = os.getenv("QSEE_BSP_QSAPPS_DIR") TOOLS_DIR = os.getenv("TOOLS_DIR") USE_BUILD_ID = os.environ.get('USE_BUILD_ID', 'True') if USE_BUILD_ID == 'True': run_fips_tools_command = fips_tools_script + " " + QSAPPS_DIR + "/skpm/build/" + build_id + "/skpm.elf " + TOOLS_DIR else: run_fips_tools_command = fips_tools_script + " " + QSAPPS_DIR + "/skpm/build/skpm.elf " + TOOLS_DIR env.Append(LINKCOM = " && ") env.Append(LINKCOM = run_fips_tools_command) # Add metadata to image #------------------------------------------------------------------------------- if SUPPORT_GUARDIAN_M == 'True': md = { 'appName': 'skpm', 'privileges': [ 'default', 'OEMUnwrapKeys', 'CertValidate', 'SPI', 'TLMM', 'System', ], 'stackSize' : 0x16000, 'heapSize' : 0x16000, } else: md = { 'appName': 'skpm', 'privileges': [ 'default', 'OEMUnwrapKeys', 'CertValidate', 'System', ], 'stackSize' : 0x16000, 'heapSize' : 0x16000, } skpm_units = env.SecureAppBuilder( sources = [ crypto_sources+swbc_sources+app_core_sources ], includes = includes, metadata = md, image = 'skpm', user_libs = [ user_static_lib ] ) op = env.Alias('skpm', skpm_units) Return('skpm_units')