From: Uladzimir Bely <ubely@ilbers.de>
To: isar-users@googlegroups.com
Subject: Re: [PATCH v3 0/7] Add optee family and friends
Date: Tue, 11 Jul 2023 09:43:16 +0300 [thread overview]
Message-ID: <0f7af277b33c42bd0e1b90ad0d8ed49ce28953ee.camel@ilbers.de> (raw)
In-Reply-To: <20230705053340.1158024-1-baocheng.su@siemens.com>
On Wed, 2023-07-05 at 13:33 +0800, baocheng.su via isar-users wrote:
> From: Baocheng Su <baocheng.su@siemens.com>
>
> This brings below optee family members:
> optee-ta-devkit, optee-client, optee-examples
> and a fTPM running in optee-os, plus some initramfs hooks for tee-
> supplicant and
> the optee-ftpm.
>
> The optee-ta-devkit is used to provide a sdk for building trusted
> application of
> optee.
>
> The optee-client provides the libteec1, the optee-client-dev, and the
> tee-supplicant daemon.
>
> The optee-examples provides both the optee TAs and host applications
> for
> demostrating how to use optee-ta-devkit and optee-client-dev.
>
> The initramfs hooks for tee-supplicant and optee-ftpm is used to
> support
> initramfs stage applications that needs the optee-ftpm or other TAs,
> such as the
> disk encryption based on TPM. An example is the LUKS2 implementation
> in
> isar-cip-core.
>
> Also bump the stm32mp15x optee-os version to 3.21.0 to ease the
> integration.
>
> Since these bits are the common foundation for applications based on
> ARM
> trustzone, isar should be the best place to hold them.
>
> The idea is partly inspired by the ARM trusted substrate.
>
> This integration use stm32mp15x as the demo platform. However, I
> might need some
> help to verify on the real hardware, since I don't have one :)
>
> Changes since v2:
> - update copyright header to 2023
> - define RPMB_EMU to replace the RPMB_EMU_BUILD_OPT
> - depends systemd for tee-supplicant
> - add new line EOF for some source files.
>
> Baocheng Su (7):
> stm32mp15x: Bump optee-os to 3.21.0
> Add recipe for optee TA devkit
> Add recipe for optee-client
> Add recipe for optee examples
> Add recipe for optee ftpm
> initramfs: Add recipe for tee-supplicant hook
> initramfs: Add recipe for tee-ftpm hook
>
> meta-isar/conf/machine/stm32mp15x.conf | 9 +-
> .../optee-client-stm32mp15x_3.21.0.bb | 18 +++
> .../optee-examples/files/debian/compat | 1 +
> .../optee-examples/files/debian/control.tmpl | 112
> ++++++++++++++++++
> .../optee-examples/files/debian/rules.tmpl | 21 ++++
> .../optee-examples-stm32mp15x_3.21.0.bb | 100 ++++++++++++++++
> .../files/0001-add-enum-to-ta-flags.patch | 27 +++++
> .../optee-ftpm-stm32mp15x_0~230316+git.bb | 35 ++++++
> .../optee-os/optee-os-stm32mp15x_3.11.0.bb | 29 -----
> .../optee-os/optee-os-stm32mp15x_3.21.0.bb | 38 ++++++
> .../optee-os/optee-os-stm32mp15x_3.21.0.inc | 18 +++
> .../optee-os-tadevkit-stm32mp15x_3.21.0.bb | 7 ++
> .../images/stm32mp15x-initramfs.bb | 15 +++
> .../lib/wic/canned-wks/stm32mp15x.wks.in | 2 +-
> .../optee-client/files/debian/compat | 1 +
> .../optee-client/files/debian/control.tmpl | 51 ++++++++
> .../optee-client/files/debian/rules.tmpl | 27 +++++
> .../files/debian/tee-supplicant.service | 21 ++++
> .../optee-client/optee-client-custom.inc | 41 +++++++
> .../optee-ftpm/files/debian/compat | 1 +
> .../optee-ftpm/files/debian/control.tmpl | 11 ++
> .../optee-ftpm/files/debian/rules.tmpl | 25 ++++
> meta/recipes-bsp/optee-ftpm/optee-ftpm.inc | 47 ++++++++
> .../optee-os/files/debian/control.tmpl | 4 +-
> meta/recipes-bsp/optee-os/optee-os-custom.inc | 29 +----
> .../optee-os/optee-os-tadevkit-custom.inc | 26 ++++
> .../{optee-os-custom.inc => optee-os.inc} | 14 +--
> .../files/tee-ftpm.hook | 25 ++++
> .../files/tee-ftpm.script | 26 ++++
> .../initramfs-tee-ftpm-hook_0.1.bb | 27 +++++
> .../files/tee-supplicant.hook | 33 ++++++
> .../files/tee-supplicant.script | 33 ++++++
> .../initramfs-tee-supplicant-hook_0.1.bb | 27 +++++
> testsuite/citest.py | 1 +
> 34 files changed, 834 insertions(+), 68 deletions(-)
> create mode 100644 meta-isar/recipes-bsp/optee-client/optee-client-
> stm32mp15x_3.21.0.bb
> create mode 100644 meta-isar/recipes-bsp/optee-
> examples/files/debian/compat
> create mode 100644 meta-isar/recipes-bsp/optee-
> examples/files/debian/control.tmpl
> create mode 100644 meta-isar/recipes-bsp/optee-
> examples/files/debian/rules.tmpl
> create mode 100644 meta-isar/recipes-bsp/optee-examples/optee-
> examples-stm32mp15x_3.21.0.bb
> create mode 100644 meta-isar/recipes-bsp/optee-ftpm/files/0001-add-
> enum-to-ta-flags.patch
> create mode 100644 meta-isar/recipes-bsp/optee-ftpm/optee-ftpm-
> stm32mp15x_0~230316+git.bb
> delete mode 100644 meta-isar/recipes-bsp/optee-os/optee-os-
> stm32mp15x_3.11.0.bb
> create mode 100644 meta-isar/recipes-bsp/optee-os/optee-os-
> stm32mp15x_3.21.0.bb
> create mode 100644 meta-isar/recipes-bsp/optee-os/optee-os-
> stm32mp15x_3.21.0.inc
> create mode 100644 meta-isar/recipes-bsp/optee-os/optee-os-tadevkit-
> stm32mp15x_3.21.0.bb
> create mode 100644 meta-isar/recipes-initramfs/images/stm32mp15x-
> initramfs.bb
> create mode 100644 meta/recipes-bsp/optee-client/files/debian/compat
> create mode 100644 meta/recipes-bsp/optee-
> client/files/debian/control.tmpl
> create mode 100755 meta/recipes-bsp/optee-
> client/files/debian/rules.tmpl
> create mode 100644 meta/recipes-bsp/optee-client/files/debian/tee-
> supplicant.service
> create mode 100644 meta/recipes-bsp/optee-client/optee-client-
> custom.inc
> create mode 100644 meta/recipes-bsp/optee-ftpm/files/debian/compat
> create mode 100644 meta/recipes-bsp/optee-
> ftpm/files/debian/control.tmpl
> create mode 100755 meta/recipes-bsp/optee-
> ftpm/files/debian/rules.tmpl
> create mode 100644 meta/recipes-bsp/optee-ftpm/optee-ftpm.inc
> create mode 100644 meta/recipes-bsp/optee-os/optee-os-tadevkit-
> custom.inc
> copy meta/recipes-bsp/optee-os/{optee-os-custom.inc => optee-os.inc}
> (62%)
> create mode 100644 meta/recipes-initramfs/initramfs-tee-ftpm-
> hook/files/tee-ftpm.hook
> create mode 100644 meta/recipes-initramfs/initramfs-tee-ftpm-
> hook/files/tee-ftpm.script
> create mode 100644 meta/recipes-initramfs/initramfs-tee-ftpm-
> hook/initramfs-tee-ftpm-hook_0.1.bb
> create mode 100644 meta/recipes-initramfs/initramfs-tee-supplicant-
> hook/files/tee-supplicant.hook
> create mode 100644 meta/recipes-initramfs/initramfs-tee-supplicant-
> hook/files/tee-supplicant.script
> create mode 100644 meta/recipes-initramfs/initramfs-tee-supplicant-
> hook/initramfs-tee-supplicant-hook_0.1.bb
>
> --
> 2.39.2
>
Applied to next, thanks.
prev parent reply other threads:[~2023-07-11 6:43 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-05 5:33 baocheng.su
2023-07-05 5:33 ` [PATCH v3 1/7] stm32mp15x: Bump optee-os to 3.21.0 baocheng.su
2023-07-05 5:33 ` [PATCH v3 2/7] Add recipe for optee TA devkit baocheng.su
2023-07-05 5:33 ` [PATCH v3 3/7] Add recipe for optee-client baocheng.su
2023-07-06 5:35 ` Uladzimir Bely
2023-07-06 6:56 ` Jan Kiszka
2023-07-12 12:17 ` Jan Kiszka
2023-07-05 5:33 ` [PATCH v3 4/7] Add recipe for optee examples baocheng.su
2023-07-05 5:33 ` [PATCH v3 5/7] Add recipe for optee ftpm baocheng.su
2023-07-12 12:16 ` Jan Kiszka
2023-07-05 5:33 ` [PATCH v3 6/7] initramfs: Add recipe for tee-supplicant hook baocheng.su
2023-07-17 16:09 ` Jan Kiszka
2023-07-05 5:33 ` [PATCH v3 7/7] initramfs: Add recipe for tee-ftpm hook baocheng.su
2023-07-11 6:43 ` Uladzimir Bely [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0f7af277b33c42bd0e1b90ad0d8ed49ce28953ee.camel@ilbers.de \
--to=ubely@ilbers.de \
--cc=isar-users@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox