From: baocheng_su@163.com
To: isar-users@googlegroups.com, jan.kiszka@siemens.com,
felix.moessbauer@siemens.com
Cc: christian.storm@siemens.com, quirin.gylstorff@siemens.com,
baocheng.su@siemens.com, baocheng_su@163.com
Subject: [PATCH v2 0/7] Add optee family and friends
Date: Thu, 22 Jun 2023 03:22:10 +0800 [thread overview]
Message-ID: <20230621192217.2045717-1-baocheng_su@163.com> (raw)
From: Baocheng Su <baocheng.su@siemens.com>
This brings below optee family members:
optee-ta-devkit, optee-client, optee-examples
and a fTPM running in optee-os, plus some initramfs hooks for tee-supplicant and
the optee-ftpm.
The optee-ta-devkit is used to provide a sdk for building trusted application of
optee.
The optee-client provides the libteec1, the optee-client-dev, and the
tee-supplicant daemon.
The optee-examples provides both the optee TAs and host applications for
demostrating how to use optee-ta-devkit and optee-client-dev.
The initramfs hooks for tee-supplicant and optee-ftpm is used to support
initramfs stage applications that needs the optee-ftpm or other TAs, such as the
disk encryption based on TPM. An example is the LUKS2 implementation in
isar-cip-core.
Also bump the stm32mp15x optee-os version to 3.21.0 to ease the integration.
Since these bits are the common foundation for applications based on ARM
trustzone, isar should be the best place to hold them.
The idea is partly inspired by the ARM trusted substrace.
This integration use stm32mp15x as the demo platform. However, I might need some
help to verify on the real hardware, since I don't have one :)
Baocheng Su (7):
stm32mp15x: Bump optee-os to 3.21.0
Add recipe for optee TA devkit
Add recipe for optee-client
Add recipe for optee examples
Add recipe for optee ftpm
initramfs: Add recipe for tee-supplicant hook
initramfs: Add recipe for tee-ftpm hook
meta-isar/conf/machine/stm32mp15x.conf | 9 +-
.../optee-client-stm32mp15x_3.21.0.bb | 18 +++
.../optee-examples/files/debian/compat | 1 +
.../optee-examples/files/debian/control.tmpl | 112 ++++++++++++++++++
.../optee-examples/files/debian/rules.tmpl | 21 ++++
.../optee-examples-stm32mp15x_3.21.0.bb | 100 ++++++++++++++++
.../files/0001-add-enum-to-ta-flags.patch | 27 +++++
.../optee-ftpm-stm32mp15x_0~230316+git.bb | 35 ++++++
.../optee-os/optee-os-stm32mp15x_3.11.0.bb | 29 -----
.../optee-os/optee-os-stm32mp15x_3.21.0.bb | 38 ++++++
.../optee-os/optee-os-stm32mp15x_3.21.0.inc | 18 +++
.../optee-os-tadevkit-stm32mp15x_3.21.0.bb | 7 ++
.../images/stm32mp15x-initramfs.bb | 15 +++
.../lib/wic/canned-wks/stm32mp15x.wks.in | 2 +-
.../optee-client/files/debian/compat | 1 +
.../optee-client/files/debian/control.tmpl | 51 ++++++++
.../optee-client/files/debian/rules.tmpl | 27 +++++
.../files/debian/tee-supplicant.service | 21 ++++
.../optee-client/optee-client-custom.inc | 41 +++++++
.../optee-ftpm/files/debian/compat | 1 +
.../optee-ftpm/files/debian/control.tmpl | 11 ++
.../optee-ftpm/files/debian/rules.tmpl | 25 ++++
meta/recipes-bsp/optee-ftpm/optee-ftpm.inc | 47 ++++++++
.../optee-os/files/debian/control.tmpl | 4 +-
meta/recipes-bsp/optee-os/optee-os-custom.inc | 29 +----
.../optee-os/optee-os-tadevkit-custom.inc | 26 ++++
.../{optee-os-custom.inc => optee-os.inc} | 14 +--
.../files/tee-ftpm.hook | 25 ++++
.../files/tee-ftpm.script | 26 ++++
.../initramfs-tee-ftpm-hook_0.1.bb | 27 +++++
.../files/tee-supplicant.hook | 33 ++++++
.../files/tee-supplicant.script | 33 ++++++
.../initramfs-tee-supplicant-hook_0.1.bb | 27 +++++
testsuite/citest.py | 1 +
34 files changed, 834 insertions(+), 68 deletions(-)
create mode 100644 meta-isar/recipes-bsp/optee-client/optee-client-stm32mp15x_3.21.0.bb
create mode 100644 meta-isar/recipes-bsp/optee-examples/files/debian/compat
create mode 100644 meta-isar/recipes-bsp/optee-examples/files/debian/control.tmpl
create mode 100644 meta-isar/recipes-bsp/optee-examples/files/debian/rules.tmpl
create mode 100644 meta-isar/recipes-bsp/optee-examples/optee-examples-stm32mp15x_3.21.0.bb
create mode 100644 meta-isar/recipes-bsp/optee-ftpm/files/0001-add-enum-to-ta-flags.patch
create mode 100644 meta-isar/recipes-bsp/optee-ftpm/optee-ftpm-stm32mp15x_0~230316+git.bb
delete mode 100644 meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.11.0.bb
create mode 100644 meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.bb
create mode 100644 meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.inc
create mode 100644 meta-isar/recipes-bsp/optee-os/optee-os-tadevkit-stm32mp15x_3.21.0.bb
create mode 100644 meta-isar/recipes-initramfs/images/stm32mp15x-initramfs.bb
create mode 100644 meta/recipes-bsp/optee-client/files/debian/compat
create mode 100644 meta/recipes-bsp/optee-client/files/debian/control.tmpl
create mode 100755 meta/recipes-bsp/optee-client/files/debian/rules.tmpl
create mode 100644 meta/recipes-bsp/optee-client/files/debian/tee-supplicant.service
create mode 100644 meta/recipes-bsp/optee-client/optee-client-custom.inc
create mode 100644 meta/recipes-bsp/optee-ftpm/files/debian/compat
create mode 100644 meta/recipes-bsp/optee-ftpm/files/debian/control.tmpl
create mode 100755 meta/recipes-bsp/optee-ftpm/files/debian/rules.tmpl
create mode 100644 meta/recipes-bsp/optee-ftpm/optee-ftpm.inc
create mode 100644 meta/recipes-bsp/optee-os/optee-os-tadevkit-custom.inc
copy meta/recipes-bsp/optee-os/{optee-os-custom.inc => optee-os.inc} (62%)
create mode 100644 meta/recipes-initramfs/initramfs-tee-ftpm-hook/files/tee-ftpm.hook
create mode 100644 meta/recipes-initramfs/initramfs-tee-ftpm-hook/files/tee-ftpm.script
create mode 100644 meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb
create mode 100644 meta/recipes-initramfs/initramfs-tee-supplicant-hook/files/tee-supplicant.hook
create mode 100644 meta/recipes-initramfs/initramfs-tee-supplicant-hook/files/tee-supplicant.script
create mode 100644 meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb
--
2.30.2
next reply other threads:[~2023-06-21 19:23 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-21 19:22 baocheng_su [this message]
2023-06-21 19:22 ` [PATCH v2 1/7] stm32mp15x: Bump optee-os to 3.21.0 baocheng_su
2023-06-22 17:50 ` Henning Schild
2023-06-21 19:22 ` [PATCH v2 2/7] Add recipe for optee TA devkit baocheng_su
2023-06-21 19:22 ` [PATCH v2 3/7] Add recipe for optee-client baocheng_su
2023-06-22 5:52 ` Jan Kiszka
2023-06-22 18:00 ` Henning Schild
2023-06-22 18:36 ` Jan Kiszka
2023-06-22 18:43 ` Henning Schild
2023-06-22 20:10 ` Jan Kiszka
2023-06-22 18:02 ` Henning Schild
2023-06-22 18:34 ` Jan Kiszka
2023-06-21 19:22 ` [PATCH v2 4/7] Add recipe for optee examples baocheng_su
2023-06-21 19:22 ` [PATCH v2 5/7] Add recipe for optee ftpm baocheng_su
2023-06-22 6:02 ` Jan Kiszka
2023-06-22 6:21 ` Su Baocheng
2023-06-22 6:40 ` Jan Kiszka
2023-06-21 19:22 ` [PATCH v2 6/7] initramfs: Add recipe for tee-supplicant hook baocheng_su
2023-06-21 19:22 ` [PATCH v2 7/7] initramfs: Add recipe for tee-ftpm hook baocheng_su
2023-06-22 6:01 ` [PATCH v2 0/7] Add optee family and friends Jan Kiszka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230621192217.2045717-1-baocheng_su@163.com \
--to=baocheng_su@163.com \
--cc=baocheng.su@siemens.com \
--cc=christian.storm@siemens.com \
--cc=felix.moessbauer@siemens.com \
--cc=isar-users@googlegroups.com \
--cc=jan.kiszka@siemens.com \
--cc=quirin.gylstorff@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox