From: baocheng_su@163.com
To: isar-users@googlegroups.com, jan.kiszka@siemens.com,
felix.moessbauer@siemens.com
Cc: christian.storm@siemens.com, quirin.gylstorff@siemens.com,
baocheng.su@siemens.com, baocheng_su@163.com
Subject: [PATCH v2 2/7] Add recipe for optee TA devkit
Date: Thu, 22 Jun 2023 03:22:12 +0800 [thread overview]
Message-ID: <20230621192217.2045717-3-baocheng_su@163.com> (raw)
In-Reply-To: <20230621192217.2045717-1-baocheng_su@163.com>
From: Baocheng Su <baocheng.su@siemens.com>
The TA dev kit is used to build trusted applications, details refer to
[1]. A typical use case of this devkit is a firmware TPM reference
implementation, see [2].
1. https://optee.readthedocs.io/en/3.21.0/building/trusted_applications.html
2. https://github.com/microsoft/ms-tpm-20-ref
This brings the .inc for customization, and also an example for
stm32mp15x.
Signed-off-by: Baocheng Su <baocheng.su@siemens.com>
---
.../optee-os/optee-os-stm32mp15x_3.21.0.bb | 25 ++--------------
...21.0.bb => optee-os-stm32mp15x_3.21.0.inc} | 17 ++---------
.../optee-os-tadevkit-stm32mp15x_3.21.0.bb | 7 +++++
.../optee-os/files/debian/control.tmpl | 4 +--
meta/recipes-bsp/optee-os/optee-os-custom.inc | 29 +++----------------
.../optee-os/optee-os-tadevkit-custom.inc | 26 +++++++++++++++++
.../{optee-os-custom.inc => optee-os.inc} | 14 +++------
7 files changed, 48 insertions(+), 74 deletions(-)
copy meta-isar/recipes-bsp/optee-os/{optee-os-stm32mp15x_3.21.0.bb => optee-os-stm32mp15x_3.21.0.inc} (57%)
create mode 100644 meta-isar/recipes-bsp/optee-os/optee-os-tadevkit-stm32mp15x_3.21.0.bb
create mode 100644 meta/recipes-bsp/optee-os/optee-os-tadevkit-custom.inc
copy meta/recipes-bsp/optee-os/{optee-os-custom.inc => optee-os.inc} (62%)
diff --git a/meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.bb b/meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.bb
index b605149..096e263 100644
--- a/meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.bb
+++ b/meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.bb
@@ -1,29 +1,8 @@
#
-# Copyright (c) Siemens AG, 2020
+# Copyright (c) Siemens AG, 2020-2023
#
# SPDX-License-Identifier: MIT
require recipes-bsp/optee-os/optee-os-custom.inc
+require optee-os-stm32mp15x_${PV}.inc
-SRC_URI += "https://github.com/OP-TEE/optee_os/archive/${PV}.tar.gz"
-SRC_URI[sha256sum] = "92a16e841b0bdb4bfcb1c20b6a1bd3309092203d534ed167dfdb5a5f395bf60b"
-
-S = "${WORKDIR}/optee_os-${PV}"
-
-DEBIAN_BUILD_DEPENDS += ", device-tree-compiler, python3-cryptography:native"
-
-OPTEE_PLATFORM = "stm32mp1"
-OPTEE_EXTRA_BUILDARGS = " \
- ARCH=arm CFG_EMBED_DTB_SOURCE_FILE=stm32mp157c-ev1.dts \
- CFG_TEE_CORE_LOG_LEVEL=2"
-OPTEE_BINARIES = "tee-header_v2.stm32 tee-pageable_v2.stm32 tee-pager_v2.stm32"
-
-# Set version manually to PV, the tarball does not contain any hint.
-# Alternative: pull from git and add git as build dependency.
-dpkg_runbuild:prepend() {
- grep -q "^export TEE_IMPL_VERSION" ${S}/debian/rules ||
- cat << EOF >> ${S}/debian/rules
-
-export TEE_IMPL_VERSION=${PV}
-EOF
-}
diff --git a/meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.bb b/meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.inc
similarity index 57%
copy from meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.bb
copy to meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.inc
index b605149..cbf6974 100644
--- a/meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.bb
+++ b/meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.inc
@@ -1,11 +1,9 @@
#
-# Copyright (c) Siemens AG, 2020
+# Copyright (c) Siemens AG, 2020-2023
#
# SPDX-License-Identifier: MIT
-require recipes-bsp/optee-os/optee-os-custom.inc
-
-SRC_URI += "https://github.com/OP-TEE/optee_os/archive/${PV}.tar.gz"
+SRC_URI += "https://github.com/OP-TEE/optee_os/archive/${PV}.tar.gz;downloadfilename=optee_os-${PV}.tar.gz"
SRC_URI[sha256sum] = "92a16e841b0bdb4bfcb1c20b6a1bd3309092203d534ed167dfdb5a5f395bf60b"
S = "${WORKDIR}/optee_os-${PV}"
@@ -14,16 +12,7 @@ DEBIAN_BUILD_DEPENDS += ", device-tree-compiler, python3-cryptography:native"
OPTEE_PLATFORM = "stm32mp1"
OPTEE_EXTRA_BUILDARGS = " \
+ TEE_IMPL_VERSION=${PV} \
ARCH=arm CFG_EMBED_DTB_SOURCE_FILE=stm32mp157c-ev1.dts \
CFG_TEE_CORE_LOG_LEVEL=2"
OPTEE_BINARIES = "tee-header_v2.stm32 tee-pageable_v2.stm32 tee-pager_v2.stm32"
-
-# Set version manually to PV, the tarball does not contain any hint.
-# Alternative: pull from git and add git as build dependency.
-dpkg_runbuild:prepend() {
- grep -q "^export TEE_IMPL_VERSION" ${S}/debian/rules ||
- cat << EOF >> ${S}/debian/rules
-
-export TEE_IMPL_VERSION=${PV}
-EOF
-}
diff --git a/meta-isar/recipes-bsp/optee-os/optee-os-tadevkit-stm32mp15x_3.21.0.bb b/meta-isar/recipes-bsp/optee-os/optee-os-tadevkit-stm32mp15x_3.21.0.bb
new file mode 100644
index 0000000..2be7a9d
--- /dev/null
+++ b/meta-isar/recipes-bsp/optee-os/optee-os-tadevkit-stm32mp15x_3.21.0.bb
@@ -0,0 +1,7 @@
+#
+# Copyright (c) Siemens AG, 2023
+#
+# SPDX-License-Identifier: MIT
+
+require recipes-bsp/optee-os/optee-os-tadevkit-custom.inc
+require optee-os-stm32mp15x_${PV}.inc
diff --git a/meta/recipes-bsp/optee-os/files/debian/control.tmpl b/meta/recipes-bsp/optee-os/files/debian/control.tmpl
index 60b3927..fdf898e 100644
--- a/meta/recipes-bsp/optee-os/files/debian/control.tmpl
+++ b/meta/recipes-bsp/optee-os/files/debian/control.tmpl
@@ -5,6 +5,6 @@ Standards-Version: 3.9.6
Build-Depends: ${DEBIAN_BUILD_DEPENDS}
Maintainer: ISAR project <isar-users@googlegroups.com>
-Package: optee-os-${OPTEE_NAME}
+Package: ${DEBIAN_PACKAGE_NAME}
Architecture: ${DISTRO_ARCH}
-Description: ${DESCRIPTION}, firmware binaries
+Description: ${DESCRIPTION}
diff --git a/meta/recipes-bsp/optee-os/optee-os-custom.inc b/meta/recipes-bsp/optee-os/optee-os-custom.inc
index d48827a..abe46e8 100644
--- a/meta/recipes-bsp/optee-os/optee-os-custom.inc
+++ b/meta/recipes-bsp/optee-os/optee-os-custom.inc
@@ -1,38 +1,17 @@
# Custom OP-TEE OS build
#
# This software is a part of ISAR.
-# Copyright (c) Siemens AG, 2020
+# Copyright (c) Siemens AG, 2020-2023
#
# SPDX-License-Identifier: MIT
-inherit dpkg
+require optee-os.inc
-FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/files:"
-
-SRC_URI += "file://debian/"
-
-DESCRIPTION ?= "Custom OP-TEE OS"
-
-OPTEE_NAME ?= "${MACHINE}"
-OPTEE_PLATFORM ?= "unknown"
-OPTEE_EXTRA_BUILDARGS ?= ""
-OPTEE_BINARIES ?= "tee-pager_v2.bin"
-
-DEBIAN_BUILD_DEPENDS ?= "python3-pycryptodome:native, python3-pyelftools"
+DESCRIPTION:append = ", firmware binaries"
PROVIDES += "optee-os-${OPTEE_NAME}"
-TEMPLATE_FILES = "debian/control.tmpl debian/rules.tmpl"
-TEMPLATE_VARS += "OPTEE_NAME DEBIAN_BUILD_DEPENDS OPTEE_PLATFORM OPTEE_EXTRA_BUILDARGS"
-
-# split strip platform flavor, if any, from the specified platform string
-OPTEE_PLATFORM_BASE = "${@d.getVar('OPTEE_PLATFORM').split('-')[0]}"
-
-do_prepare_build() {
- cp -r ${WORKDIR}/debian ${S}/
-
- deb_add_changelog
-
+do_prepare_build:append() {
rm -f ${S}/debian/optee-os-${OPTEE_NAME}.install
for binary in ${OPTEE_BINARIES}; do
echo "out/arm-plat-${OPTEE_PLATFORM_BASE}/core/$binary /usr/lib/optee-os/${OPTEE_NAME}/" >> \
diff --git a/meta/recipes-bsp/optee-os/optee-os-tadevkit-custom.inc b/meta/recipes-bsp/optee-os/optee-os-tadevkit-custom.inc
new file mode 100644
index 0000000..cfb2cfd
--- /dev/null
+++ b/meta/recipes-bsp/optee-os/optee-os-tadevkit-custom.inc
@@ -0,0 +1,26 @@
+# Custom OP-TEE OS build for TA devkit
+#
+# This software is a part of ISAR.
+# Copyright (c) Siemens AG, 2023
+#
+# SPDX-License-Identifier: MIT
+
+require optee-os.inc
+
+DEBIAN_PACKAGE_NAME = "optee-os-tadevkit-${OPTEE_NAME}"
+DESCRIPTION:append = ", trust application development kit."
+
+PROVIDES += "${DEBIAN_PACKAGE_NAME}"
+
+do_prepare_build:append() {
+ if [ "${DISTRO_ARCH}" = "arm64" ]; then
+ TADEVKIT_DIR="export-ta_arm64"
+ elif [ "${DISTRO_ARCH}" = "armhf" ]; then
+ TADEVKIT_DIR="export-ta_arm32"
+ else
+ bbfatal "${DISTRO_ARCH} does not have a compat arch for optee TA devkit!"
+ fi
+
+ echo "out/arm-plat-${OPTEE_PLATFORM_BASE}/${TADEVKIT_DIR} /usr/lib/optee-os/${OPTEE_NAME}/" > \
+ ${S}/debian/optee-os-tadevkit-${OPTEE_NAME}.install
+}
diff --git a/meta/recipes-bsp/optee-os/optee-os-custom.inc b/meta/recipes-bsp/optee-os/optee-os.inc
similarity index 62%
copy from meta/recipes-bsp/optee-os/optee-os-custom.inc
copy to meta/recipes-bsp/optee-os/optee-os.inc
index d48827a..198746b 100644
--- a/meta/recipes-bsp/optee-os/optee-os-custom.inc
+++ b/meta/recipes-bsp/optee-os/optee-os.inc
@@ -1,7 +1,7 @@
# Custom OP-TEE OS build
#
# This software is a part of ISAR.
-# Copyright (c) Siemens AG, 2020
+# Copyright (c) Siemens AG, 2020-2023
#
# SPDX-License-Identifier: MIT
@@ -18,12 +18,12 @@ OPTEE_PLATFORM ?= "unknown"
OPTEE_EXTRA_BUILDARGS ?= ""
OPTEE_BINARIES ?= "tee-pager_v2.bin"
-DEBIAN_BUILD_DEPENDS ?= "python3-pycryptodome:native, python3-pyelftools"
+DEBIAN_PACKAGE_NAME ?= "optee-os-${OPTEE_NAME}"
-PROVIDES += "optee-os-${OPTEE_NAME}"
+DEBIAN_BUILD_DEPENDS ?= "python3-pycryptodome:native, python3-pyelftools"
TEMPLATE_FILES = "debian/control.tmpl debian/rules.tmpl"
-TEMPLATE_VARS += "OPTEE_NAME DEBIAN_BUILD_DEPENDS OPTEE_PLATFORM OPTEE_EXTRA_BUILDARGS"
+TEMPLATE_VARS += "DEBIAN_PACKAGE_NAME OPTEE_NAME DEBIAN_BUILD_DEPENDS OPTEE_PLATFORM OPTEE_EXTRA_BUILDARGS"
# split strip platform flavor, if any, from the specified platform string
OPTEE_PLATFORM_BASE = "${@d.getVar('OPTEE_PLATFORM').split('-')[0]}"
@@ -32,10 +32,4 @@ do_prepare_build() {
cp -r ${WORKDIR}/debian ${S}/
deb_add_changelog
-
- rm -f ${S}/debian/optee-os-${OPTEE_NAME}.install
- for binary in ${OPTEE_BINARIES}; do
- echo "out/arm-plat-${OPTEE_PLATFORM_BASE}/core/$binary /usr/lib/optee-os/${OPTEE_NAME}/" >> \
- ${S}/debian/optee-os-${OPTEE_NAME}.install
- done
}
--
2.30.2
next prev parent reply other threads:[~2023-06-21 19:23 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-21 19:22 [PATCH v2 0/7] Add optee family and friends baocheng_su
2023-06-21 19:22 ` [PATCH v2 1/7] stm32mp15x: Bump optee-os to 3.21.0 baocheng_su
2023-06-22 17:50 ` Henning Schild
2023-06-21 19:22 ` baocheng_su [this message]
2023-06-21 19:22 ` [PATCH v2 3/7] Add recipe for optee-client baocheng_su
2023-06-22 5:52 ` Jan Kiszka
2023-06-22 18:00 ` Henning Schild
2023-06-22 18:36 ` Jan Kiszka
2023-06-22 18:43 ` Henning Schild
2023-06-22 20:10 ` Jan Kiszka
2023-06-22 18:02 ` Henning Schild
2023-06-22 18:34 ` Jan Kiszka
2023-06-21 19:22 ` [PATCH v2 4/7] Add recipe for optee examples baocheng_su
2023-06-21 19:22 ` [PATCH v2 5/7] Add recipe for optee ftpm baocheng_su
2023-06-22 6:02 ` Jan Kiszka
2023-06-22 6:21 ` Su Baocheng
2023-06-22 6:40 ` Jan Kiszka
2023-06-21 19:22 ` [PATCH v2 6/7] initramfs: Add recipe for tee-supplicant hook baocheng_su
2023-06-21 19:22 ` [PATCH v2 7/7] initramfs: Add recipe for tee-ftpm hook baocheng_su
2023-06-22 6:01 ` [PATCH v2 0/7] Add optee family and friends Jan Kiszka
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230621192217.2045717-3-baocheng_su@163.com \
--to=baocheng_su@163.com \
--cc=baocheng.su@siemens.com \
--cc=christian.storm@siemens.com \
--cc=felix.moessbauer@siemens.com \
--cc=isar-users@googlegroups.com \
--cc=jan.kiszka@siemens.com \
--cc=quirin.gylstorff@siemens.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox