diff options
author | Oleksandr Suvorov <oleksandr.suvorov@foundries.io> | 2023-01-06 11:17:58 +0200 |
---|---|---|
committer | github-actions[bot] <github-actions[bot]@users.noreply.github.com> | 2023-01-08 18:12:29 +0000 |
commit | cc117ffabd78df729e427e5e90a5e7a434a29cf1 (patch) | |
tree | de0773fd10f892229a31d3e77c9a461c1b00fb9d /recipes-security/optee-imx/optee-os_3.19.0.imx.bb | |
parent | 398d71705ffc64caea1f34200bf3fc814a133b94 (diff) | |
download | meta-freescale-cc117ffabd78df729e427e5e90a5e7a434a29cf1.tar.gz |
optee: Upgrade 3.17.0.imx to 3.19.0.imx
NXP BSP lf-5.15.71_2.2.0 uses op-tee 3.19.0.imx.
Upgrade optee-os, optee-client, and optee-test accordingly.
Add missed support for imx93evk platform.
Relevant changes for optee-os:
- 00919403f LF-7525 drivers: dcp: do not modify DCP node status in the DTB
- 842961521 core: mm: fix error flushing unused pgt's
- 96d9b4c19 libutils: util.h: fix the ROUNDUP_OVERFLOW() macro
- 2885fd08e LFOPTEE-203 drivers: ele: align HUK output buffer
- 7e41f6603 drivers: imx_ele: add HUK support for imx93
- ab1525d14 core: imx: remove SC_IPC_BASE_SECURE definition
- 382a7ae57 LFOPTEE-181 drivers: imx_ele: re-work imx_ele_session_get_device_info()
- b27da7b0d LFOPTEE-181 drivers: imx_ele: remove RNG support for 8ulp A0
- 4a9f3e387 LFOPTEE-181 drivers: imx_ele: add MU infos for imx93
- 8c4caec41 LFOPTEE-181 core: imx: enable MU and ELE drivers for imx93
- f5bc45d6d LFOPTEE-181 core: imx: add MU_BASE and MU_SIZE for imx93
- b19786dfb LFOPTEE-181 drivers: imx_mu: add support for imx93
- 4c598c905 core: imx_ele: remove addition of word for CRC
- 9f9fb3899 LFU-368: core: imx93: enable trusted_keys as early TA
- 23889478f LFU-368: core: imx: enabled dynamic share memory for i.MX93
Relevant changes in optee-client:
- 644022f teeacl: fix include path
- 140bf46 libckteec: Add EDDSA attribute serialization
- 1fc38c6 libteeacl: Add function to resolve name to gid_t
- 1560582 libteeacl: function to encode a group login UUID
- e58b158 libteeacl: Add new ACL helper library
- 5364e61 tee-supplicant: read rpmb dev info from sysfs
- a46239c tee-supplicant: android: make RPMB_EMU a conditional assignment
- 30abe6c cmake: Use separate generator expression for lib targets
- f2755fe cmake: Don't set teec include_directory from libseteec
- 1dcb80a Use CMake project command to set version
- 492410d tee-supplicant: -d: return after TEE device is opened
- d59ed2d cmake: fix log level don't take effect
- e7cba71 tee-supplicant: fs: use errno instead of returning TEEC_ERROR_GENERIC
- f7ed8e3 tee-supplicant: support multiple TA load paths
- a5c30b1 Makefile: Makefile: only preserve links when installing output files
- dc58de2 tee-supplicant: close shm fd before freeing memory
- f2a7c94 tee-supplicant/src/tee_supplicant.c: fix build without plugins
Relevant changes in optee-test:
- 5c1dbb5 LFOPTEE-129 Make MP test use embedded crypto instead of openssl
- 661a7b3 LFOPTEE-131 Fix ta_keygen compilation warnings
- 6fcbcb1 LFOPTEE-123 Reset the handle when freed
- 980dbbb LFOPTEE-123 Handle benchmark logging for key generation measures
- ebf619a LFOPTEE-95 Add performance measure of key generation
- 28ba903 LFOPTEE-93 Check MP is functional
- d7f6c03 LFOPTEE-84 xtest: Add test of MP feature
- d928ce2 LFOPTEE-84 ta: Add test of MP
- b060fc4 MMIOT-789 xtest: crypto_perf: fix resource leak in read_random
- f9d2ab0 TEE-641 regression_nxp: add AES CTR in place tests
- dd158a7 LFOPTEE-65 xtest: add DIGPROG tests
- e1492fa LFOPTEE-65 xtest: add OCOTP tests
- c520c98 YOCIMX-5658 regression_nxp: replace malloc() calls with calloc() calls
- 09dbac1 LFOPTEE-55: crypto-perf: RSA: Fix for RSA Encryption/Decryption error
- 63dcd10 LFOPTEE-55: crypto-perf: add domain parameters for dsa
- c88fb78 LFOPTEE-55: crypto-perf: DH: Remove non-essential attributes passed during key generation
- b7b285a LFOPTEE-55: crypto-perf: ta: ECDSA, ECDH: Remove non-essential attributes passed during key generation
- 8350e03 LFOPTEE-55: crypto-perf: xtest: ECDH: RoundUp key size
- 7a9c375 LFOPTEE-39 regression_nxp: Add test of DEK blob generation
- 61e5ede MMIOT-723 regression_nxp: crypto: Fixing memory corruption in nxp_crypto_003
- 7d9ff08 LFOPTEE-17: xtest: regression_nxp: add test case for I2C driver testing
- 6ae8e95 xtest: enable PKCS11 tests
- 35173ba regression_nxp: enable CFG_REGRESSION_NXP flag
- cfb6e7b LFOPTEE-16: fix warning where uint32_t is expected
- a740498 LFOPTEE-16: fix trace compilation warnings
- 0fa4d73 LFOPTEE-13 crypto-perf: fix command line algorithm search
- 6a28f3c LFOPTEE-13 crypto-perf: fix compilation warnings
- e78f18d TEE-127 CAAM Crypto Performance
- 5ec9bce TEE-606 xtest: define a 'regression_nxp' test suite in xtest
- e562b26 TEE-606 xtest: add CFG_REGRESSION_NXP flag
- d9d73a8 TEE-367 crypto: cipher memory leakage verification
- f3e776b TEE-548 regression_nxp: Cipher operation with a big buffer
- 5312feb TEE-577 regression_nxp: AES CTR streaming byte per byte
- 6df2c3f TEE-418 regression_nxp: add cipher streaming byte incremental
- ab9863c Add ED25519 test cases
- eb3d01f xtest: Add FF-A memory test
- 252faa9 xtest: SPMC Add basic test
- 13cce36 xtest: remove ADBG_REQUIRE* macros
- d9d269e xtest: fix compilation issue
- 2055d75 xtest: fix compilation issue
- c7f733c xtest: fix compilation issue
- d09b43b host: supp_plugin: fix cross compilation
- da5282a sdp: Add dmabuf support
- 366179c regression 4007_x25519: do not fail if X25519 is not supported
- 00b3f2c Add x25519 test cases
Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io>
(cherry picked from commit 667a28c32f118ca64cbc88eaea9dcc2fa2a4cd1c)
Diffstat (limited to 'recipes-security/optee-imx/optee-os_3.19.0.imx.bb')
-rw-r--r-- | recipes-security/optee-imx/optee-os_3.19.0.imx.bb | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/recipes-security/optee-imx/optee-os_3.19.0.imx.bb b/recipes-security/optee-imx/optee-os_3.19.0.imx.bb new file mode 100644 index 00000000..9e491bac --- /dev/null +++ b/recipes-security/optee-imx/optee-os_3.19.0.imx.bb | |||
@@ -0,0 +1,110 @@ | |||
1 | # Copyright (C) 2017-2021 NXP | ||
2 | |||
3 | SUMMARY = "OPTEE OS" | ||
4 | DESCRIPTION = "OPTEE OS" | ||
5 | HOMEPAGE = "http://www.optee.org/" | ||
6 | LICENSE = "BSD-2-Clause" | ||
7 | LIC_FILES_CHKSUM = "file://LICENSE;md5=c1f21c4f72f372ef38a5a4aee55ec173" | ||
8 | |||
9 | DEPENDS = "python3-pyelftools-native u-boot-mkimage-native \ | ||
10 | python3-cryptography-native" | ||
11 | |||
12 | SRC_URI = "git://github.com/nxp-imx/imx-optee-os.git;protocol=https;branch=${SRCBRANCH}" | ||
13 | SRCBRANCH = "lf-5.15.71_2.2.0" | ||
14 | SRCREV = "00919403f040fad4f8603e605932281ff8451b1d" | ||
15 | |||
16 | S = "${WORKDIR}/git" | ||
17 | B = "${WORKDIR}/build" | ||
18 | |||
19 | inherit deploy python3native autotools features_check | ||
20 | |||
21 | REQUIRED_MACHINE_FEATURES = "optee" | ||
22 | |||
23 | # The platform flavor corresponds to the Yocto machine without the leading 'i'. | ||
24 | PLATFORM_FLAVOR = "${@d.getVar('MACHINE')[1:]}" | ||
25 | PLATFORM_FLAVOR:imx6qdlsabresd = "mx6qsabresd" | ||
26 | PLATFORM_FLAVOR:imx6qdlsabreauto = "mx6qsabreauto" | ||
27 | PLATFORM_FLAVOR:imx6qpdlsolox = "mx6qsabresd" | ||
28 | PLATFORM_FLAVOR:mx6ul-nxp-bsp = "mx6ulevk" | ||
29 | PLATFORM_FLAVOR:mx6ull-nxp-bsp = "mx6ullevk" | ||
30 | PLATFORM_FLAVOR:mx6ulz-nxp-bsp = "mx6ulzevk" | ||
31 | PLATFORM_FLAVOR:mx8mq-nxp-bsp = "mx8mqevk" | ||
32 | PLATFORM_FLAVOR:mx8mm-nxp-bsp = "mx8mmevk" | ||
33 | PLATFORM_FLAVOR:mx8mn-nxp-bsp = "mx8mnevk" | ||
34 | PLATFORM_FLAVOR:mx8mnul-nxp-bsp = "mx8mnevk" | ||
35 | PLATFORM_FLAVOR:mx8mp-nxp-bsp = "mx8mpevk" | ||
36 | PLATFORM_FLAVOR:mx8mpul-nxp-bsp = "mx8mpevk" | ||
37 | PLATFORM_FLAVOR:mx8qm-nxp-bsp = "mx8qmmek" | ||
38 | PLATFORM_FLAVOR:mx8qxp-nxp-bsp = "mx8qxpmek" | ||
39 | PLATFORM_FLAVOR:mx8dx-nxp-bsp = "mx8dxmek" | ||
40 | PLATFORM_FLAVOR:mx8dxl-nxp-bsp = "mx8dxlevk" | ||
41 | PLATFORM_FLAVOR:mx8ulp-nxp-bsp = "mx8ulpevk" | ||
42 | PLATFORM_FLAVOR:mx93-nxp-bsp = "mx93evk" | ||
43 | |||
44 | OPTEE_ARCH:arm = "arm32" | ||
45 | OPTEE_ARCH:aarch64 = "arm64" | ||
46 | |||
47 | # Optee-os can be built for 32 bits and 64 bits at the same time | ||
48 | # as long as the compilers are correctly defined. | ||
49 | # For 64bits, CROSS_COMPILE64 must be set | ||
50 | # When defining CROSS_COMPILE and CROSS_COMPILE64, we assure that | ||
51 | # any 32 or 64 bits builds will pass | ||
52 | EXTRA_OEMAKE = " \ | ||
53 | PLATFORM=imx-${PLATFORM_FLAVOR} \ | ||
54 | CROSS_COMPILE=${HOST_PREFIX} \ | ||
55 | CROSS_COMPILE64=${HOST_PREFIX} \ | ||
56 | CFG_TEE_TA_LOG_LEVEL=0 \ | ||
57 | CFG_TEE_CORE_LOG_LEVEL=0 \ | ||
58 | OPENSSL_MODULES=${STAGING_LIBDIR_NATIVE}/ossl-modules \ | ||
59 | -C ${S} O=${B} \ | ||
60 | " | ||
61 | |||
62 | LDFLAGS[unexport] = "1" | ||
63 | CFLAGS += "--sysroot=${STAGING_DIR_HOST}" | ||
64 | CXXFLAGS += "--sysroot=${STAGING_DIR_HOST}" | ||
65 | |||
66 | do_configure[noexec] = "1" | ||
67 | |||
68 | do_compile:arm () { | ||
69 | oe_runmake all uTee | ||
70 | } | ||
71 | |||
72 | do_compile:aarch64 () { | ||
73 | oe_runmake all | ||
74 | } | ||
75 | do_compile[cleandirs] = "${B}" | ||
76 | |||
77 | do_deploy () { | ||
78 | install -d ${DEPLOYDIR} | ||
79 | cp ${B}/core/tee-raw.bin ${DEPLOYDIR}/tee.${PLATFORM_FLAVOR}.bin | ||
80 | ln -sf tee.${PLATFORM_FLAVOR}.bin ${DEPLOYDIR}/tee.bin | ||
81 | } | ||
82 | |||
83 | do_deploy:append:arm () { | ||
84 | cp ${B}/core/uTee ${DEPLOYDIR}/uTee-${OPTEE_BIN_EXT} | ||
85 | } | ||
86 | |||
87 | do_install () { | ||
88 | install -d ${D}${nonarch_base_libdir}/firmware/ | ||
89 | install -m 644 ${B}/core/*.bin ${D}${nonarch_base_libdir}/firmware/ | ||
90 | |||
91 | # Install embedded TAs | ||
92 | install -d ${D}${nonarch_base_libdir}/optee_armtz/ | ||
93 | install -m 444 ${B}/ta/*/*.ta ${D}${nonarch_base_libdir}/optee_armtz/ | ||
94 | |||
95 | # Install the TA devkit | ||
96 | install -d ${D}${includedir}/optee/export-user_ta_${OPTEE_ARCH}/ | ||
97 | cp -aR ${B}/export-ta_${OPTEE_ARCH}/* \ | ||
98 | ${D}${includedir}/optee/export-user_ta_${OPTEE_ARCH}/ | ||
99 | } | ||
100 | |||
101 | addtask deploy after do_compile before do_install | ||
102 | |||
103 | FILES:${PN} = "${nonarch_base_libdir}/firmware/ ${nonarch_base_libdir}/optee_armtz/" | ||
104 | FILES:${PN}-staticdev = "${includedir}/optee/" | ||
105 | RDEPENDS:${PN}-dev += "${PN}-staticdev" | ||
106 | |||
107 | PACKAGE_ARCH = "${MACHINE_ARCH}" | ||
108 | COMPATIBLE_MACHINE = "(imx-nxp-bsp)" | ||
109 | |||
110 | TOOLCHAIN = "gcc" | ||