From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7247222195536003072 X-Received: by 2002:a19:6d1b:0:b0:4f6:2cd8:5ff4 with SMTP id i27-20020a196d1b000000b004f62cd85ff4mr11038908lfc.2.1687456847384; Thu, 22 Jun 2023 11:00:47 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6512:451:b0:4f8:46e8:2412 with SMTP id y17-20020a056512045100b004f846e82412ls209518lfk.0.-pod-prod-08-eu; Thu, 22 Jun 2023 11:00:45 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5m2yYyawNc2lbw8tgnLh6FHZU/n7UmSFDVeRAoCTziGgKVBhGHOeFtp0uwyfBl85kP6EZk X-Received: by 2002:a05:6512:32b0:b0:4f8:5f19:4b4e with SMTP id q16-20020a05651232b000b004f85f194b4emr9591101lfe.51.1687456845698; Thu, 22 Jun 2023 11:00:45 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1687456845; cv=pass; d=google.com; s=arc-20160816; b=v3YbZoOyuu/Q11ewPXZf0ikbeF8mJmYbx79fxZ4HBress8PtFX7g7G2gWFnVz3UQfo VPJEdgfkfQtxZ9kKQZO9cTXYewxFm9UkfXQHD/7IYTXjjY6jsyi6iHtqO8vUjHCbaAbm CIQwRSKaZDW9RU/XKN1EU2E0rvj9slVabtLM8i+Q07mhpTGFXzeO3Lh0hS0pvUB176tx We1FJJWPchxqzSN+BMIdbS699kCkIgUZHyZHpQyg6Y9GEmy5ELwj+aPtxPM9FtroAA0T VaLR3F0WQoTOilp1ebqnGRol44LOKzxVT6fYkt3Z6k4kSh9esC+LY+TGj5/CmMB1Ahdw XYag== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:subject:cc:to:from:date:dkim-signature; bh=RU39nzWGV1V+GZfEWiN+IXQFCsZ1sIrQKGnIKMT4Uwg=; b=nS+cbLVGDhAGLksXN89KVa9XeelIDx6xbh23lvyyJOYSdfEoy6zrOkFYMyksJ5lqID TzqepN3c/PFSv2HLP2bvhLft72DG8vaZy8CF/7OyG3ecnJUGFt4I6SvbdlH05NRANg5I dRHup/HffciXIzpXuwDUtQutS8NV6XznXr2FE9TKKnuqeXq+mkLrCz1BMgMrhll9Mx+z GtRc2EezIvEbkZqakfdnz5lglbxW+mH5ilDy1PJ7BI8ABD8r2+0IvWlczifxuBpP5kHc wTXBjQcOPhUAzyh3q8WeY/JT36wMOdflzdZCryA4Gso7puepetgGNZz8ca76Esw13QRn WY1w== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="W/MO60Ej"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of henning.schild@siemens.com designates 2a01:111:f400:fe1a::62c as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Return-Path: Received: from EUR03-DBA-obe.outbound.protection.outlook.com (mail-dbaeur03on2062c.outbound.protection.outlook.com. [2a01:111:f400:fe1a::62c]) by gmr-mx.google.com with ESMTPS id y17-20020a199151000000b004f8424a570esi631754lfj.12.2023.06.22.11.00.45 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 22 Jun 2023 11:00:45 -0700 (PDT) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 2a01:111:f400:fe1a::62c as permitted sender) client-ip=2a01:111:f400:fe1a::62c; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b="W/MO60Ej"; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of henning.schild@siemens.com designates 2a01:111:f400:fe1a::62c as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=f5t3gNRedNtgVbWQYv0vD0xk9ZcJADHcC92fqArLlEK1Q/yVKQyAGxDsiMwto0QadGnb81rMuyOAybOBPqjBF+NSNsH4d0bVsobNuWR1e71uQHI0Ql1Hp7a6pPdbNzFZ+nFydGYpvoXT4soRTpupbDtIB7V3QVZP8C9qmCxhHESx/6a/yHJy6US0VhIBWRoqESTz6or4hTpl1NdF1gSpkxBdZ06CKUW2Wa5SuJUbseC3OYGban0+OCzz24vdzstTKSHfnwv/8E8m+4qXiepzj1c3daZgl51uF63lFbuUhfksO5UVivV97MjiEfqaHzTbbIhgjZcjMC7UjsjSL1tOBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=RU39nzWGV1V+GZfEWiN+IXQFCsZ1sIrQKGnIKMT4Uwg=; b=g4/9p3F4kIjADiptYVKFOIR/ptfN1ykJ4G4qGwOVegm4eYgkP+HDy6cV67Rx0FtbkS/hIKqXeixApswi9N/crwQWELJZJb+Xh2nmVylVhpdJY/+s5gCABh3njcOHbAuSP05koR/5dPwtWaumqIPm27OmqZuen4jYIEWwcWNOcC00W4FFq+k6lNp+SdH5qhaKSbqYP5TkM7ZPoI743QiCV8w8rW1TbaDGs0KlCzfCteyfO6qnaLcRnt7sIZcKG1LmZLFwaradlxm4Tpb+jfmaXdOuQtiSnT7UEqA5y/FM5EVcOKoWAwHF7Hod+8DuDQuvB3b68MKUngWZ5N01FxiOAA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RU39nzWGV1V+GZfEWiN+IXQFCsZ1sIrQKGnIKMT4Uwg=; b=W/MO60EjcWWs9kSH0ge/t7gYg/blfMttNZUt6E2y62xm9XRnILTUObybR6HcJR1xWTyHdQNNR9IGYJdEX6x2/H+QO5In2XpaW/YhJoTY8v0KxFv808CEdMpHv0IEgl/PdzWmfhOhEmh9Dt7p6TXpRb+YxaHSSDcuuwi7Zijw+rOC7h7JveK4MdaMhYzDR2kim4fdA1gBZ50K2oZstoUFa/N9Tl+s4cAkGPSScsarg21eWOY34T627R8+HhJ2WfPLQkHR1/FmPMS0wsN/o+mMj+nMr4XrbZGJnCfwDOFajeiN3AXMKTDKn/SB2B8FrSDyxrYslkU5xQVhWUm2XUyRFQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com; Received: from PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:269::8) by PAWPR10MB8041.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:37e::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6521.24; Thu, 22 Jun 2023 18:00:43 +0000 Received: from PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM ([fe80::a171:a3f2:99b7:5f29]) by PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM ([fe80::a171:a3f2:99b7:5f29%6]) with mapi id 15.20.6521.024; Thu, 22 Jun 2023 18:00:43 +0000 Date: Thu, 22 Jun 2023 20:00:33 +0200 From: Henning Schild To: baocheng_su@163.com Cc: isar-users@googlegroups.com, jan.kiszka@siemens.com, felix.moessbauer@siemens.com, christian.storm@siemens.com, quirin.gylstorff@siemens.com, baocheng.su@siemens.com Subject: Re: [PATCH v2 3/7] Add recipe for optee-client Message-ID: <20230622200033.78fd1515@md1za8fc.ad001.siemens.net> In-Reply-To: <20230621192217.2045717-4-baocheng_su@163.com> References: <20230621192217.2045717-1-baocheng_su@163.com> <20230621192217.2045717-4-baocheng_su@163.com> X-Mailer: Claws Mail 4.1.1 (GTK 3.24.37; x86_64-pc-linux-gnu) Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-ClientProxiedBy: CH0PR03CA0332.namprd03.prod.outlook.com (2603:10b6:610:11a::9) To PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:269::8) Return-Path: henning.schild@siemens.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PA4PR10MB5780:EE_|PAWPR10MB8041:EE_ X-MS-Office365-Filtering-Correlation-Id: cb36601d-8f8e-4a0e-dc98-08db734a98ef X-LD-Processed: 38ae3bcd-9579-4fd4-adda-b42e1495d55a,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: jY7AAKR+pQZ7Oy3gkb8tlshFwOlzs8gxwWETmjcEd9fbiOWc0T8bIv4kL2Zk2QsvvdRCqZVv6V23TF9mkSmqrple/5Mf1KaUdSLD+1tFMrQqWIQ6v9kTPrx9sTv4t1UblUcZBdXb59GQRjS5dduxzs7kG4t752dNgGczqD6HYaypxd0Gc+NqprM0LPuu9rQ9UqH4YM5Vv3c3x72IrCxQFBb/E6fJOrIisl3T5uggGNPTu7nRz8GXnfy2bMQ2fmQ7CqLJtuKzIBGbAGnHpoCCX0YWnk9KWOg6ClhkSlQQyJpLFD+HiXbCj7wclAtta0ygSHL/EUGmhGs1s5u+MbqNWEA/67XXJQ9eFBnT/W0sq3t/mS3X2tf+ttstii7Zn2+/LUmjPYzpr8D3DUqrO8QM8jGCjwjf5z91nryHm87F7SZS/nX4GtXYRLWO8ByTuWz4OQliBQvRlHNiyXen/SGwY4olMty9pmzfTR4GpHkIh8Kq+OvYmPOVjHNRLsNgeIfOmVXyK5zLkLNPiP4q2tgosmpmsdkNyUrzy158q9HrTGiViyTmY/GxWAQT5F9z1NX4AjGo5V4XH3MeTvc2Gjn3n5iFx3w3KeGUwN43JVjCh4BdPEOJ4zKS2uSfHSOnmlAS9cUY0roerrX6imZqFCKYYw== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230028)(4636009)(39860400002)(346002)(376002)(366004)(136003)(396003)(451199021)(478600001)(6666004)(107886003)(5660300002)(6506007)(6486002)(1076003)(83380400001)(966005)(66946007)(4326008)(8676002)(41300700001)(66556008)(66476007)(6916009)(8936002)(44832011)(2906002)(186003)(9686003)(6512007)(38100700002)(82960400001)(316002)(86362001)(1491003);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?r29pArsj+EIxcl96jVT5QY3/X9SP0FqPoERqAlHtBGu1bMXCMvZ5bZ8q3/z+?= =?us-ascii?Q?i1p91x6Zx/FnZp8aLwvUqdv5vCOMTnN5IQzVILWkkWmEGlsAw568rJhacRG/?= =?us-ascii?Q?x/yUXqUmcNSe3sFBpzV3OuzUQbw74Dg8jKi2hE+QXkgJ0mVqVP8r8V0Lz23h?= =?us-ascii?Q?DoEC3nmSQIyDAJqAPhSDtIUXrPtC/2btJBDTKzrz/GN9NhcIcTW8wB/j4d2U?= =?us-ascii?Q?ic6w2hN409YDkFUftCXcCf8D7pVEYiz+DoArDbeiDZzGSvmEfjuceyT+wOm+?= =?us-ascii?Q?xQdWOXk0FDa/fc0P3eAE7qd0BzxX3r36BIR/WR8Zq2eEM8L++obTH5tRJciD?= =?us-ascii?Q?7p33/8uoqBjS6So0eZ8ImulJEz/GxWRtER/okJsI1cBybOAFJfYTRoeK3bMV?= =?us-ascii?Q?dU+kWxLEOBAmv5cQhzXTbLDuo0FIG9X9/O76HxRmeyghaXzaLZEV0t68Q/7X?= =?us-ascii?Q?Qw2WvZKkttMQ6r40ufMC9Cs/JrjQBWobMW2mRXY5bI1VF9S3x6QlMd818O6X?= =?us-ascii?Q?8jlkDUn+CXFLc/bjlwXKFcGfV6phW3mAhD6hFAP5M41Ed67z+skoZecWuQn3?= =?us-ascii?Q?sdPSfXr9MY534ZlT8dlAVFopryjxkN566Kl3PqTKzahJ4SiyMyVAtRg3FutM?= =?us-ascii?Q?XvpkUF2kLCsjlOz0UID0Ww+LTFAUWXfm9g46ZzL2kGCSJ36CyxypoQVGlOzM?= =?us-ascii?Q?s9bFr4fK8ZQjesCcQ+qJiLjxQm7RjoqFOT0vnYwoO995N33AVTirgRHCVJME?= =?us-ascii?Q?fdm7r0SiL4pWQU+kpI+xbGJsYrs8v3WGHzGWiK3l32b5zem04nuJlGNSIAbs?= =?us-ascii?Q?+RfL8sMgcIC9Vhaoj6nDef5q828HDGWW1ZVNY1jCJ2CYtyy0UTcMlwl2qIaN?= =?us-ascii?Q?zmGkSXskecyXUEMIqzJju4+bt5UQpSuC4vFqQsLBJSpniIa6592Ozh5VNx7I?= =?us-ascii?Q?7+TbQAU2D4XdCiwUMmEnoOcwxS48wRixPwJ4Ay2oMQxntf8zmzX9Cm6sDDFC?= =?us-ascii?Q?iUhu7Cf5T5h1sB1ab0fj962pNjx4qdzH9nbMHQUjICOJ//WTNu7D7+3Bx+hJ?= =?us-ascii?Q?aPRVYyDBHpQIERfSL5IWBUCaC4Apm/PsQPWqIlo9XhWChWS4Gaf0/P00CJUv?= =?us-ascii?Q?ADbUt1GDzctM7EXVIP7kcOiyCK/ZOZ1Fq8UF904jQyneUtKjOJiZV/Sz6OcD?= =?us-ascii?Q?pYk+88y6w5PGUOlUhhPR28staXgqPccnRtYNqDdo9oo2TqP7m0G8q4t+GHiz?= =?us-ascii?Q?fnHLep2uO7yWAFnDYQo8j/CSUZVlbwKlsZffsWJm2b9WqXSt3PAnTUHsHUXq?= =?us-ascii?Q?5Lg4MuhjaCQVYlcjSxeE0pdpbhUlQ37XfSEkLtw+Ao2LhxXRfvmRuID8qH+E?= =?us-ascii?Q?GQwurXXuA4KqN1+L6D3tAjmrVWAwsCT9jYTuG8GmuOFpvDdICAInnTLg6UcK?= =?us-ascii?Q?tQLlMxDDX4tIArlEeX3VNoNJZhna5+cChZ2rV/RinApuN3a4jctPXR5G0CDK?= =?us-ascii?Q?nayco8aFswBUq77IXycmmpMgHaMiBib81s/2Dd+EGcqSu+zimnF+lZGGIwZk?= =?us-ascii?Q?GuylNz3Xn7pau0X1xyihtuaJzEl/bZsvithkqx26p90ea43OBA9/7XRkJneo?= =?us-ascii?Q?b5iryeZQo6a58pQ2QCmxd+b3CNKCreJH6I51SUObBxjK9NSKys3E4azvHUaf?= =?us-ascii?Q?Vgc+cg=3D=3D?= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: cb36601d-8f8e-4a0e-dc98-08db734a98ef X-MS-Exchange-CrossTenant-AuthSource: PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Jun 2023 18:00:43.6171 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 7UEU7u/HI2jSruEAgx/RQ6v0TyYvYJGlK6ot7IBK7jcW5XkGopDAUfV5aY2jyXs6MKX9vnOFBXkaiNJFLb2Mh3yhhra4b1hdzcA9ECSHBBY= X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAWPR10MB8041 X-TUID: d9PsOHJ6N1d9 Am Thu, 22 Jun 2023 03:22:13 +0800 schrieb baocheng_su@163.com: > From: Baocheng Su > > optee-client provides the userland library for communicating with the > trusted applications running in OP-TEE. > > It also provides a optee-client-dev package for developing host > application that talks to the TA counterpart. > > Also a user land deamon tee-supplicant is provided to serve the > trusted applications for user-land resources such as RPMB accessing. > > This brings the .inc for customization, and also a demo recipe for > stm32mp15x. > > The debianization is learnt from the debian offical package. The > tee-supplicant.service is refined by Jan to fix some timing issues. > > Signed-off-by: Baocheng Su > --- > meta-isar/conf/machine/stm32mp15x.conf | 2 +- > .../optee-client-stm32mp15x_3.21.0.bb | 18 +++++++ > .../optee-client/files/debian/compat | 1 + > .../optee-client/files/debian/control.tmpl | 51 > +++++++++++++++++++ .../optee-client/files/debian/rules.tmpl | > 27 ++++++++++ .../files/debian/tee-supplicant.service | 21 > ++++++++ .../optee-client/optee-client-custom.inc | 41 > +++++++++++++++ 7 files changed, 160 insertions(+), 1 deletion(-) > create mode 100644 > meta-isar/recipes-bsp/optee-client/optee-client-stm32mp15x_3.21.0.bb > create mode 100644 meta/recipes-bsp/optee-client/files/debian/compat > create mode 100644 > meta/recipes-bsp/optee-client/files/debian/control.tmpl create mode > 100755 meta/recipes-bsp/optee-client/files/debian/rules.tmpl create > mode 100644 > meta/recipes-bsp/optee-client/files/debian/tee-supplicant.service > create mode 100644 > meta/recipes-bsp/optee-client/optee-client-custom.inc > > diff --git a/meta-isar/conf/machine/stm32mp15x.conf > b/meta-isar/conf/machine/stm32mp15x.conf index 4fa4051..0b200d2 100644 > --- a/meta-isar/conf/machine/stm32mp15x.conf > +++ b/meta-isar/conf/machine/stm32mp15x.conf > @@ -16,4 +16,4 @@ WKS_FILE ?= "stm32mp15x.wks.in" > IMAGER_INSTALL += "trusted-firmware-a-stm32mp15x optee-os-stm32mp15x > u-boot-stm32mp15x" IMAGER_BUILD_DEPS += > "trusted-firmware-a-stm32mp15x optee-os-stm32mp15x u-boot-stm32mp15x" > -IMAGE_INSTALL += "u-boot-script" > +IMAGE_INSTALL += "u-boot-script tee-supplicant" > diff --git > a/meta-isar/recipes-bsp/optee-client/optee-client-stm32mp15x_3.21.0.bb > b/meta-isar/recipes-bsp/optee-client/optee-client-stm32mp15x_3.21.0.bb > new file mode 100644 index 0000000..18525e3 --- /dev/null > +++ > b/meta-isar/recipes-bsp/optee-client/optee-client-stm32mp15x_3.21.0.bb > @@ -0,0 +1,18 @@ +# > +# Copyright (c) Siemens AG, 2023 > +# > +# Authors: > +# Su Bao Cheng > +# > +# SPDX-License-Identifier: MIT > +# > + > +require recipes-bsp/optee-client/optee-client-custom.inc > + > +SRC_URI += > "https://github.com/OP-TEE/optee_client/archive/${PV}.tar.gz;downloadfilename=optee_client-${PV}.tar.gz" > +SRC_URI[sha256sum] = > "368164a539b85557d2079fa6cd839ec444869109f96de65d6569e58b0615d026" + > +S = "${WORKDIR}/optee_client-${PV}" + > +# Use RPMB emulation > +RPMB_EMU_BUILD_OPT = "" > diff --git a/meta/recipes-bsp/optee-client/files/debian/compat > b/meta/recipes-bsp/optee-client/files/debian/compat new file mode > 100644 index 0000000..f599e28 > --- /dev/null > +++ b/meta/recipes-bsp/optee-client/files/debian/compat > @@ -0,0 +1 @@ > +10 > diff --git a/meta/recipes-bsp/optee-client/files/debian/control.tmpl > b/meta/recipes-bsp/optee-client/files/debian/control.tmpl new file > mode 100644 index 0000000..6c68b1d > --- /dev/null > +++ b/meta/recipes-bsp/optee-client/files/debian/control.tmpl > @@ -0,0 +1,51 @@ Since there is that ".service" file i would expect a "Depends: systemd" somewhere in here. You wrote that the debianization is copied/inspired from somewhere, maybe that Depends needs to be upstreamed. Henning > +Source: ${PN} > +Priority: optional > +Maintainer: Unknown maintainer > +Build-Depends: pkg-config, uuid-dev > +Standards-Version: 4.1.3 > +Section: libs > +Homepage: https://github.com/OP-TEE/optee_client > +Rules-Requires-Root: no > + > +Package: optee-client-dev > +Section: libdevel > +Architecture: ${DISTRO_ARCH} > +Multi-Arch: same > +Depends: libteec1 (= ${binary:Version}), > + ${misc:Depends} > +Description: normal world user space client APIs for OP-TEE > (development) > + OP-TEE is a Trusted Execution Environment (TEE) designed as > companion to a > + non-secure Linux kernel running on Arm; Cortex-A cores using the > TrustZone > + technology. OP-TEE implements TEE Internal Core API v1.1.x which is > the API > + exposed to Trusted Applications and the TEE Client API v1.0, which > is the > + API describing how to communicate with a TEE. This package provides > the TEE > + Client API library. > + . > + This package contains the development files OpTEE Client API > + > +Package: libteec1 > +Architecture: ${DISTRO_ARCH} > +Multi-Arch: same > +Depends: ${misc:Depends}, ${shlibs:Depends} > +Description: normal world user space client APIs for OP-TEE > + OP-TEE is a Trusted Execution Environment (TEE) designed as > companion to a > + non-secure Linux kernel running on Arm; Cortex-A cores using the > TrustZone > + technology. OP-TEE implements TEE Internal Core API v1.1.x which is > the API > + exposed to Trusted Applications and the TEE Client API v1.0, which > is the > + API describing how to communicate with a TEE. This package provides > the TEE > + Client API library. > + . > + This package contains libteec library. > + > +Package: tee-supplicant > +Architecture: ${DISTRO_ARCH} > +Depends: ${misc:Depends}, ${shlibs:Depends} > +Description: normal world user space client APIs for OP-TEE > + OP-TEE is a Trusted Execution Environment (TEE) designed as > companion to a > + non-secure Linux kernel running on Arm; Cortex-A cores using the > TrustZone > + technology. OP-TEE implements TEE Internal Core API v1.1.x which is > the API > + exposed to Trusted Applications and the TEE Client API v1.0, which > is the > + API describing how to communicate with a TEE. This package provides > the TEE > + Client API library. > + . > + This package contains tee-supplicant executable. > diff --git a/meta/recipes-bsp/optee-client/files/debian/rules.tmpl > b/meta/recipes-bsp/optee-client/files/debian/rules.tmpl new file mode > 100755 index 0000000..a0a8983 > --- /dev/null > +++ b/meta/recipes-bsp/optee-client/files/debian/rules.tmpl > @@ -0,0 +1,27 @@ > +#!/usr/bin/make -f > +# > +# Debian rules for custom OP-TEE Client build > +# > +# This software is a part of ISAR. > +# Copyright (c) Siemens AG, 2023 > +# > +# SPDX-License-Identifier: MIT > + > +ifneq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE)) > +export CROSS_COMPILE=$(DEB_HOST_GNU_TYPE)- > +endif > + > +%: > + dh $@ --exclude=.a > + > +override_dh_auto_build: > + dh_auto_build -- LIBDIR=/usr/lib/$(DEB_HOST_MULTIARCH) \ > + CFG_TEE_FS_PARENT_PATH=${TEE_FS_PARENT_PATH} > ${RPMB_EMU_BUILD_OPT} + > +override_dh_auto_install: > + dh_auto_install -- LIBDIR=/usr/lib/$(DEB_HOST_MULTIARCH) \ > + CFG_TEE_FS_PARENT_PATH=${TEE_FS_PARENT_PATH} > ${RPMB_EMU_BUILD_OPT} + > +override_dh_auto_clean: > + dh_auto_clean > + rm -rf $(CURDIR)/out > diff --git > a/meta/recipes-bsp/optee-client/files/debian/tee-supplicant.service > b/meta/recipes-bsp/optee-client/files/debian/tee-supplicant.service > new file mode 100644 index 0000000..4508a14 --- /dev/null > +++ > b/meta/recipes-bsp/optee-client/files/debian/tee-supplicant.service > @@ -0,0 +1,21 @@ +# This software is a part of ISAR. > +# Copyright (c) Siemens AG, 2023 > +# > +# SPDX-License-Identifier: MIT > +[Unit] > +Description=TEE Supplicant > +DefaultDependencies=no > +Before=systemd-remount-fs.service shutdown.target > +Conflicts=shutdown.target > + > +[Service] > +Type=oneshot > +RemainAfterExit=yes > +# Start if not already started by the initramfs hook > +ExecStart=/bin/sh -c '/usr/bin/pgrep tee-supplicant >/dev/null || > /usr/sbin/tee-supplicant -d' +ExecStop=/bin/sh -c '/usr/bin/findmnt > /sys/firmware/efi/efivars >/dev/null && /usr/bin/umount > /sys/firmware/efi/efivars || true' +ExecStop=/bin/sh -c > '/usr/sbin/modinfo -n tpm_ftpm_tee | /usr/bin/grep -E "\.ko$" > >/dev/null && /usr/sbin/modprobe -r tpm_ftpm_tee || true' > >+ExecStop=/usr/bin/pkill tee-supplicant + +[Install] > +WantedBy=sysinit.target > diff --git a/meta/recipes-bsp/optee-client/optee-client-custom.inc > b/meta/recipes-bsp/optee-client/optee-client-custom.inc new file mode > 100644 index 0000000..5c88dad > --- /dev/null > +++ b/meta/recipes-bsp/optee-client/optee-client-custom.inc > @@ -0,0 +1,41 @@ > +# > +# Copyright (c) Siemens AG, 2023 > +# > +# Authors: > +# Su Bao Cheng > +# > +# SPDX-License-Identifier: MIT > +# > + > +inherit dpkg > + > +FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/files:" > + > +DESCRIPTION = "OPTee Client" > + > +PROVIDES = "libteec1 optee-client-dev tee-supplicant" > + > +SRC_URI += "file://debian" > + > +TEE_FS_PARENT_PATH ?= "/var/lib/optee-client/data/tee" > +# To use the builtin RPMB emulation, empty this > +RPMB_EMU_BUILD_OPT ?= "RPMB_EMU=0" > + > +TEMPLATE_FILES = "debian/rules.tmpl debian/control.tmpl" > +TEMPLATE_VARS += "TEE_FS_PARENT_PATH RPMB_EMU_BUILD_OPT" > + > +do_prepare_build[cleandirs] += "${S}/debian" > +do_prepare_build() { > + cp -r ${WORKDIR}/debian ${S}/ > + > + deb_add_changelog > + > + echo "/usr/sbin/*" > ${S}/debian/tee-supplicant.install > + echo "lib/optee_armtz/" > ${S}/debian/tee-supplicant.dirs > + echo "usr/lib/tee-supplicant/plugins/" >> > ${S}/debian/tee-supplicant.dirs + > + echo "usr/lib/*/libteec*.so.*" > ${S}/debian/libteec1.install > + > + echo "usr/include/*" > ${S}/debian/optee-client-dev.install > + echo "usr/lib/*/lib*.so" >> ${S}/debian/optee-client-dev.install > +}