From f94c74a74c5e5b47092b3e69695b1256b500c290 Mon Sep 17 00:00:00 2001 From: Pol Henarejos Date: Thu, 11 Jun 2026 16:45:05 +0200 Subject: [PATCH] Fix build for 2040 Signed-off-by: Pol Henarejos # Conflicts: # picokeys_sdk_import.cmake --- cmake/trusted.cmake | 50 +++++++++++++++++++++++++-------------- picokeys_sdk_import.cmake | 10 ++++++-- src/main.c | 4 ++++ src/rescue.c | 4 ++++ 4 files changed, 48 insertions(+), 20 deletions(-) diff --git a/cmake/trusted.cmake b/cmake/trusted.cmake index c0e5a34..d6f45c0 100644 --- a/cmake/trusted.cmake +++ b/cmake/trusted.cmake @@ -1,5 +1,13 @@ include_guard(GLOBAL) +function(picokeys_trusted_region_enabled out_var) + if(PICO_RP2350 OR ENABLE_EMULATION OR ESP_PLATFORM) + set(${out_var} TRUE PARENT_SCOPE) + else() + set(${out_var} FALSE PARENT_SCOPE) + endif() +endfunction() + macro(picokeys_init_trusted_config) set(PICOKEYS_TRUSTED_REGION_FLASH_BASE "0x100B0000" CACHE STRING "Fixed flash base for the trusted measurement region on Pico firmware builds") set(PICOKEYS_TRUSTED_STATE_RAM_BASE "0x20070000" CACHE STRING "Fixed RAM base for trusted writable state on Pico firmware builds") @@ -27,15 +35,18 @@ macro(picokeys_init_trusted_config) endmacro() function(configure_picokeys_mbedtls_target target_name) - target_sources(${target_name} PRIVATE ${TRUSTED_MBEDTLS_HELPER_SOURCES}) - target_compile_definitions(${target_name} PRIVATE - MBEDTLS_PLATFORM_ZEROIZE_ALT - memset=picokeys_trusted_memset - memcpy=picokeys_trusted_memcpy - memmove=picokeys_trusted_memmove - memcmp=picokeys_trusted_memcmp - ) - target_compile_options(${target_name} PRIVATE -fno-builtin) + picokeys_trusted_region_enabled(enable_trusted_region) + if(enable_trusted_region) + target_sources(${target_name} PRIVATE ${TRUSTED_MBEDTLS_HELPER_SOURCES}) + target_compile_definitions(${target_name} PRIVATE + MBEDTLS_PLATFORM_ZEROIZE_ALT + memset=picokeys_trusted_memset + memcpy=picokeys_trusted_memcpy + memmove=picokeys_trusted_memmove + memcmp=picokeys_trusted_memcmp + ) + target_compile_options(${target_name} PRIVATE -fno-builtin) + endif() endfunction() function(configure_picokeys_trusted_mbedtls_target target_name) @@ -77,7 +88,7 @@ endfunction() macro(picokeys_setup_trusted_mbedtls) if(NOT SKIP_MBEDTLS_FOR_OPENSSL_EMULATION) if(NOT ESP_PLATFORM) - if(PICO_PLATFORM AND NOT ENABLE_EMULATION) + if(PICO_PLATFORM AND PICO_RP2350 AND NOT ENABLE_EMULATION) add_library(trusted_mbedtls_build STATIC ${MBEDTLS_SOURCES}) target_include_directories(trusted_mbedtls_build SYSTEM PUBLIC ${CMAKE_CURRENT_LIST_DIR}/third-party/mbedtls/include @@ -190,14 +201,17 @@ macro(picokeys_setup_trusted_mbedtls) endmacro() macro(picokeys_configure_trusted_support_sources) - if(CMAKE_C_COMPILER_ID STREQUAL "GNU") - set_source_files_properties(${CMAKE_CURRENT_LIST_DIR}/src/trusted_mem.c PROPERTIES - COMPILE_OPTIONS "-fno-builtin;-fno-tree-loop-distribute-patterns" - ) - else() - set_source_files_properties(${CMAKE_CURRENT_LIST_DIR}/src/trusted_mem.c PROPERTIES - COMPILE_OPTIONS "-fno-builtin" - ) + picokeys_trusted_region_enabled(enable_trusted_region) + if(enable_trusted_region) + if(CMAKE_C_COMPILER_ID STREQUAL "GNU") + set_source_files_properties(${CMAKE_CURRENT_LIST_DIR}/src/trusted_mem.c PROPERTIES + COMPILE_OPTIONS "-fno-builtin;-fno-tree-loop-distribute-patterns" + ) + else() + set_source_files_properties(${CMAKE_CURRENT_LIST_DIR}/src/trusted_mem.c PROPERTIES + COMPILE_OPTIONS "-fno-builtin" + ) + endif() endif() if(DEFINED TRUSTED_REGION_EMBED_SOURCE) set_source_files_properties(${TRUSTED_REGION_EMBED_SOURCE} PROPERTIES diff --git a/picokeys_sdk_import.cmake b/picokeys_sdk_import.cmake index 99a1da4..6c1c25b 100644 --- a/picokeys_sdk_import.cmake +++ b/picokeys_sdk_import.cmake @@ -333,9 +333,15 @@ list(APPEND PICOKEYS_SOURCES ${CMAKE_CURRENT_LIST_DIR}/src/button.c ${CMAKE_CURRENT_LIST_DIR}/src/led/led.c ${CMAKE_CURRENT_LIST_DIR}/src/signal.c - ${CMAKE_CURRENT_LIST_DIR}/src/trusted.c ) +if(PICO_RP2350 OR ENABLE_EMULATION OR ESP_PLATFORM) + add_compile_definitions(PICOKEYS_HAS_TRUSTED_REGION=1) + list(APPEND PICOKEYS_SOURCES + ${CMAKE_CURRENT_LIST_DIR}/src/trusted.c + ) +endif() + if(ESP_PLATFORM) list(APPEND PICOKEYS_SOURCES ${CMAKE_CURRENT_LIST_DIR}/src/led/led_neopixel.c @@ -436,7 +442,7 @@ set(LIBCVC_SOURCES set(LIBRARIES) if(NOT SKIP_MBEDTLS_FOR_OPENSSL_EMULATION) - if(ESP_PLATFORM OR ENABLE_EMULATION OR NOT PICO_PLATFORM) + if(ESP_PLATFORM OR ENABLE_EMULATION OR NOT PICO_PLATFORM OR PICO_RP2040) list(APPEND LIBRARIES mbedtls) endif() endif() diff --git a/src/main.c b/src/main.c index 7f74ee2..9875523 100644 --- a/src/main.c +++ b/src/main.c @@ -42,7 +42,9 @@ #include "pico_time.h" #include "serial.h" #include "mbedtls/sha256.h" +#if defined(PICOKEYS_HAS_TRUSTED_REGION) #include "trusted.h" +#endif app_t apps[16]; uint8_t num_apps = 0; @@ -153,7 +155,9 @@ int app_main(void) { #else int main(void) { #endif +#if defined(PICOKEYS_HAS_TRUSTED_REGION) trusted_region_init(); +#endif serial_init(); #ifndef ENABLE_EMULATION diff --git a/src/rescue.c b/src/rescue.c index b70bd96..b284744 100644 --- a/src/rescue.c +++ b/src/rescue.c @@ -31,7 +31,9 @@ #include "random.h" #include "crypto_utils.h" #include "usb.h" +#if defined(PICOKEYS_HAS_TRUSTED_REGION) #include "trusted.h" +#endif #ifdef PICO_PLATFORM extern char __flash_binary_start; @@ -352,6 +354,7 @@ static int cmd_read(void) { res_APDU_size += put_uint32_be((uint32_t)tv_sec, res_APDU); } } +#if defined(PICOKEYS_HAS_TRUSTED_REGION) else if (p1 == 0x5) { // GET TRUST DIGEST uint8_t digest[32]; int ret = trusted_region_sha256(digest); @@ -361,6 +364,7 @@ static int cmd_read(void) { memcpy(res_APDU, digest, 32); res_APDU_size = 32; } +#endif else { return SW_INCORRECT_P1P2(); }