WIP: Trying to get nrfx, MDK to work with nrf_security_utils library

Signed-off-by: Frank Audun Kvamtrø <[email protected]>

modules/trusted-firmware-m/tfm_boards/external_core.cmake

@@ -69,7 +69,8 @@ if(TARGET psa_crypto_config)
         INTERFACE
             ${PSA_CRYPTO_CONFIG_INTERFACE_PATH}
             ${NRF_SECURITY_ROOT}/include
-            ${OBERON_PSA_CORE_PATH}/include/
+            ${OBERON_PSA_CORE_PATH}/include
+            ${NRF_DIR}/include/tfm
     )
 endif()
 
@@ -87,7 +88,8 @@ if(TARGET psa_crypto_library_config)
         INTERFACE
             ${PSA_CRYPTO_CONFIG_LIBRARY_PATH}
             ${NRF_SECURITY_ROOT}/include
-            ${OBERON_PSA_CORE_PATH}/include/
+            ${OBERON_PSA_CORE_PATH}/include
+            ${NRF_DIR}/include/tfm
     )
 endif()
 

subsys/nrf_security/configs/config_extra.cmake.in

@@ -15,6 +15,7 @@ set(NRFXLIB_DIR          ${ZEPHYR_NRFXLIB_MODULE_DIR}            CACHE STRING "n
 set(NRF_SECURITY_ROOT    ${NRF_DIR}/subsys/nrf_security          CACHE STRING "nrf_security root folder")
 set(OBERON_PSA_CORE_PATH ${ZEPHYR_OBERON_PSA_CRYPTO_MODULE_DIR}  CACHE STRING "oberon-psa-core folder")
 set(ARM_MBEDTLS_PATH     ${ZEPHYR_MBEDTLS_MODULE_DIR}            CACHE STRING "Mbed TLS folder")
+set(NRF_DIR              ${NRF_DIR}                              CACHE STRING "NRF folder")
 
 # This file is populated with the Mbed TLS config file names
 set(MBEDTLS_CONFIG_FILE                 ${CONFIG_MBEDTLS_CFG_FILE}                      CACHE STRING "Mbed TLS Config file")

subsys/nrf_security/src/core/nrf_oberon/CMakeLists.txt

@@ -44,6 +44,7 @@ target_link_libraries(oberon_psa_core
   PRIVATE
     psa_crypto_library_config
     mbedcrypto_base
+    nrf_security_utils
 )
 
 nrf_security_add_zephyr_options_library(oberon_psa_core)

subsys/nrf_security/src/drivers/cracen/CMakeLists.txt

@@ -46,6 +46,18 @@ target_link_libraries(cracen_psa_driver
     nrf_security_utils
 )
 
+# Give access to cmsis, nrfx and MDK inside TF-M build
+# to allow for referencing nRF events. Note that 
+# tfm_sp_log needs to be added because __assert.h requires
+# it
+if(BUILD_INSIDE_TFM)
+  target_link_libraries(cracen_psa_driver
+    PRIVATE
+      platform_s
+      tfm_sp_log
+  )
+endif()
+
 # Link oberon_psa_core with this PSA crypto driver
 target_link_libraries(oberon_psa_core
   PRIVATE

subsys/nrf_security/src/utils/nrf_security_utils.cmake

@@ -14,13 +14,24 @@ target_include_directories(nrf_security_utils
     ${CMAKE_CURRENT_LIST_DIR}
 )
 
-# This special linking is done to give access to the zephyr kernel library
-# which possibly isn't --whole-archived in the build. Trying to link to the 
-# kernel library directly will give cyclic dependency. The only way to avoid
-# it seems to be to link with a full path instead.
-target_link_libraries(nrf_security_utils
-  PRIVATE
-    ${CMAKE_BINARY_DIR}/zephyr/kernel/libkernel.a
-)
+if(BUILD_INSIDE_TFM)
+  # This gives access to cmsis, nrfx and mdk and the tfm_sp_log used by 
+  # __assert.h
+  target_link_libraries(nrf_security_utils
+    PUBLIC
+      platform_s
+      tfm_sp_log
+      tfm_psa_rot_partition_crypto
+  )
+else()
+  # This special linking is done to give access to the zephyr kernel library
+  # which possibly isn't --whole-archived in the build. Trying to link to the 
+  # kernel library directly will give cyclic dependency. The only way to avoid
+  # it seems to be to link with a full path instead.
+  target_link_libraries(nrf_security_utils
+    PRIVATE
+      ${CMAKE_BINARY_DIR}/zephyr/kernel/libkernel.a
+  )
+endif()
 
 nrf_security_add_zephyr_options_library(nrf_security_utils)