From dea213f25f1113b5c836739d83ba22a238c75c78 Mon Sep 17 00:00:00 2001 From: Otavio Salvador Date: Sat, 23 Jul 2022 12:50:00 -0300 Subject: qoriq-cst: rename cst to qoriq-cst The QoriQ SoCs use a different cst tool for secure boot than i.MX SoCs so we should name it with SoC family prefix to avoid confusion. Signed-off-by: Otavio Salvador (cherry picked from commit 2f26da887f04c639e0e0bb405dfb8f87c174e627) --- conf/machine/include/qoriq-base.inc | 2 +- recipes-bsp/atf/qoriq-atf_2.4.bb | 2 +- ...Mark-struct-input_field-file_field-extern.patch | 43 ---------------------- recipes-devtools/cst/cst_git.bb | 43 ---------------------- ...Mark-struct-input_field-file_field-extern.patch | 43 ++++++++++++++++++++++ recipes-devtools/qoriq-cst/qoriq-cst_git.bb | 43 ++++++++++++++++++++++ 6 files changed, 88 insertions(+), 88 deletions(-) delete mode 100644 recipes-devtools/cst/cst/0001-tools-Mark-struct-input_field-file_field-extern.patch delete mode 100644 recipes-devtools/cst/cst_git.bb create mode 100644 recipes-devtools/qoriq-cst/qoriq-cst/0001-tools-Mark-struct-input_field-file_field-extern.patch create mode 100644 recipes-devtools/qoriq-cst/qoriq-cst_git.bb diff --git a/conf/machine/include/qoriq-base.inc b/conf/machine/include/qoriq-base.inc index 35b7d82e..4340c942 100644 --- a/conf/machine/include/qoriq-base.inc +++ b/conf/machine/include/qoriq-base.inc @@ -39,7 +39,7 @@ WKS_FILE ?= "${SOC_DEFAULT_WKS_FILE}" MACHINE_FEATURES ?= "pci ext2 ext3 serial" MACHINE_EXTRA_RRECOMMENDS += "udev-extraconf udev-rules-qoriq kernel-modules" -EXTRA_IMAGEDEPENDS += "u-boot cst-native" +EXTRA_IMAGEDEPENDS += "u-boot qoriq-cst-native" MACHINEOVERRIDES =. "qoriq:" diff --git a/recipes-bsp/atf/qoriq-atf_2.4.bb b/recipes-bsp/atf/qoriq-atf_2.4.bb index b6716272..ec953297 100644 --- a/recipes-bsp/atf/qoriq-atf_2.4.bb +++ b/recipes-bsp/atf/qoriq-atf_2.4.bb @@ -2,7 +2,7 @@ require recipes-bsp/atf/qoriq-atf-2.4.inc inherit deploy -DEPENDS += "u-boot-mkimage-native u-boot openssl openssl-native rcw cst-native bc-native" +DEPENDS += "u-boot-mkimage-native u-boot openssl openssl-native rcw qoriq-cst-native bc-native" DEPENDS:append:lx2160a = " ddr-phy" DEPENDS:append:lx2162a = " ddr-phy" do_compile[depends] += "u-boot:do_deploy rcw:do_deploy uefi:do_deploy" diff --git a/recipes-devtools/cst/cst/0001-tools-Mark-struct-input_field-file_field-extern.patch b/recipes-devtools/cst/cst/0001-tools-Mark-struct-input_field-file_field-extern.patch deleted file mode 100644 index d25675aa..00000000 --- a/recipes-devtools/cst/cst/0001-tools-Mark-struct-input_field-file_field-extern.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 81ec65e72f357fb2c395e40c5195434bbaddf7f7 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Sat, 16 May 2020 08:21:52 -0700 -Subject: [PATCH] tools: Mark struct input_field file_field extern - -This struct is already defined in common/parse_utils.c - -Upstream-Status: Pending -Signed-off-by: Khem Raj ---- - tools/header_generation/create_hdr_common.c | 2 +- - tools/pbi_creation/create_pbi_common.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/tools/header_generation/create_hdr_common.c b/tools/header_generation/create_hdr_common.c -index bfa90a3..edf632c 100644 ---- a/tools/header_generation/create_hdr_common.c -+++ b/tools/header_generation/create_hdr_common.c -@@ -39,7 +39,7 @@ - #include - - extern struct g_data_t gd; --struct input_field file_field; -+extern struct input_field file_field; - - extern char line_data[]; - static struct option long_options[] = { -diff --git a/tools/pbi_creation/create_pbi_common.c b/tools/pbi_creation/create_pbi_common.c -index ff2ed84..bd976da 100644 ---- a/tools/pbi_creation/create_pbi_common.c -+++ b/tools/pbi_creation/create_pbi_common.c -@@ -57,7 +57,7 @@ static char *parse_list[] = { - - extern struct g_data_t gd; - extern char line_data[]; --struct input_field file_field; -+extern struct input_field file_field; - - #define NUM_PARSE_LIST (sizeof(parse_list) / sizeof(char *)) - --- -2.26.2 - diff --git a/recipes-devtools/cst/cst_git.bb b/recipes-devtools/cst/cst_git.bb deleted file mode 100644 index b9ac3e9e..00000000 --- a/recipes-devtools/cst/cst_git.bb +++ /dev/null @@ -1,43 +0,0 @@ -SUMMARY = "utility for security boot" -SECTION = "cst" -LICENSE = "BSD-3-Clause" - -LIC_FILES_CHKSUM = "file://COPYING;md5=e959d5d617e33779d0e90ce1d9043eff" - -DEPENDS += "openssl cst-native" -RDEPENDS:${PN} = "bash" - -GENKEYS ?= "${STAGING_BINDIR_NATIVE}/cst/gen_keys" -GENKEYS:class-native = "./gen_keys" - -inherit kernel-arch - -# specify the non default keys pair for secure boot if needed -#SECURE_PRI_KEY = "/path/srk.pri" -#SECURE_PUB_KEY = "/path/srk.pub" - -SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/cst;nobranch=1 \ - file://0001-tools-Mark-struct-input_field-file_field-extern.patch \ -" -SRCREV = "dfe30d3f05cfe281896482839e57ed49c52f2088" - -S = "${WORKDIR}/git" - -EXTRA_OEMAKE = 'CC="${CC}" LD="${CC}"' -CFLAGS:append = ' -Wno-deprecated-declarations' - -PARALLEL_MAKE = "" - -do_install () { - oe_runmake install DESTDIR=${D} BIN_DEST_DIR=${bindir} - - if [ -n "${SECURE_PRI_KEY}" ]; then - cp -f ${SECURE_PRI_KEY} ${D}/${bindir}/cst/srk.pri - cp -f ${SECURE_PUB_KEY} ${D}/${bindir}/cst/srk.pub - elif [ ! -f ${D}/${bindir}/cst/srk.pri -o ! ${D}/${bindir}/cst/srk.pub ]; then - cd ${D}/${bindir}/cst && ${GENKEYS} 1024 - fi -} - -FILES:${PN}-dbg += "${bindir}/cst/.debug" -BBCLASSEXTEND = "native nativesdk" diff --git a/recipes-devtools/qoriq-cst/qoriq-cst/0001-tools-Mark-struct-input_field-file_field-extern.patch b/recipes-devtools/qoriq-cst/qoriq-cst/0001-tools-Mark-struct-input_field-file_field-extern.patch new file mode 100644 index 00000000..d25675aa --- /dev/null +++ b/recipes-devtools/qoriq-cst/qoriq-cst/0001-tools-Mark-struct-input_field-file_field-extern.patch @@ -0,0 +1,43 @@ +From 81ec65e72f357fb2c395e40c5195434bbaddf7f7 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sat, 16 May 2020 08:21:52 -0700 +Subject: [PATCH] tools: Mark struct input_field file_field extern + +This struct is already defined in common/parse_utils.c + +Upstream-Status: Pending +Signed-off-by: Khem Raj +--- + tools/header_generation/create_hdr_common.c | 2 +- + tools/pbi_creation/create_pbi_common.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tools/header_generation/create_hdr_common.c b/tools/header_generation/create_hdr_common.c +index bfa90a3..edf632c 100644 +--- a/tools/header_generation/create_hdr_common.c ++++ b/tools/header_generation/create_hdr_common.c +@@ -39,7 +39,7 @@ + #include + + extern struct g_data_t gd; +-struct input_field file_field; ++extern struct input_field file_field; + + extern char line_data[]; + static struct option long_options[] = { +diff --git a/tools/pbi_creation/create_pbi_common.c b/tools/pbi_creation/create_pbi_common.c +index ff2ed84..bd976da 100644 +--- a/tools/pbi_creation/create_pbi_common.c ++++ b/tools/pbi_creation/create_pbi_common.c +@@ -57,7 +57,7 @@ static char *parse_list[] = { + + extern struct g_data_t gd; + extern char line_data[]; +-struct input_field file_field; ++extern struct input_field file_field; + + #define NUM_PARSE_LIST (sizeof(parse_list) / sizeof(char *)) + +-- +2.26.2 + diff --git a/recipes-devtools/qoriq-cst/qoriq-cst_git.bb b/recipes-devtools/qoriq-cst/qoriq-cst_git.bb new file mode 100644 index 00000000..ca0f35fb --- /dev/null +++ b/recipes-devtools/qoriq-cst/qoriq-cst_git.bb @@ -0,0 +1,43 @@ +SUMMARY = "utility for security boot" +SECTION = "cst" +LICENSE = "BSD-3-Clause" + +LIC_FILES_CHKSUM = "file://COPYING;md5=e959d5d617e33779d0e90ce1d9043eff" + +DEPENDS += "openssl qoriq-cst-native" +RDEPENDS:${PN} = "bash" + +GENKEYS ?= "${STAGING_BINDIR_NATIVE}/cst/gen_keys" +GENKEYS:class-native = "./gen_keys" + +inherit kernel-arch + +# specify the non default keys pair for secure boot if needed +#SECURE_PRI_KEY = "/path/srk.pri" +#SECURE_PUB_KEY = "/path/srk.pub" + +SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/cst;nobranch=1 \ + file://0001-tools-Mark-struct-input_field-file_field-extern.patch \ +" +SRCREV = "dfe30d3f05cfe281896482839e57ed49c52f2088" + +S = "${WORKDIR}/git" + +EXTRA_OEMAKE = 'CC="${CC}" LD="${CC}"' +CFLAGS:append = ' -Wno-deprecated-declarations' + +PARALLEL_MAKE = "" + +do_install () { + oe_runmake install DESTDIR=${D} BIN_DEST_DIR=${bindir} + + if [ -n "${SECURE_PRI_KEY}" ]; then + cp -f ${SECURE_PRI_KEY} ${D}/${bindir}/cst/srk.pri + cp -f ${SECURE_PUB_KEY} ${D}/${bindir}/cst/srk.pub + elif [ ! -f ${D}/${bindir}/cst/srk.pri -o ! ${D}/${bindir}/cst/srk.pub ]; then + cd ${D}/${bindir}/cst && ${GENKEYS} 1024 + fi +} + +FILES:${PN}-dbg += "${bindir}/cst/.debug" +BBCLASSEXTEND = "native nativesdk" -- cgit v1.2.3-54-g00ecf From 5142908182ceb1da79d8245cb2e612deac448508 Mon Sep 17 00:00:00 2001 From: Otavio Salvador Date: Sat, 23 Jul 2022 16:58:33 -0300 Subject: optee-qoriq: rename directory so it maps to the recipe Signed-off-by: Otavio Salvador (cherry picked from commit 237f04e8b1967ef5615fa888657f8766bd52c287) --- .../optee-qoriq/optee-client-qoriq_3.13.0.bb | 5 ++ recipes-security/optee-qoriq/optee-client.nxp.inc | 53 +++++++++++++++ .../optee-client/tee-supplicant.service | 11 ++++ .../optee-qoriq/optee-os-qoriq_3.13.0.bb | 28 ++++++++ recipes-security/optee-qoriq/optee-os.nxp.inc | 75 ++++++++++++++++++++++ .../optee-qoriq/optee-test-qoriq_3.13.0.bb | 13 ++++ recipes-security/optee-qoriq/optee-test.nxp.inc | 61 ++++++++++++++++++ .../optee/optee-client-qoriq_3.13.0.bb | 5 -- recipes-security/optee/optee-client.nxp.inc | 53 --------------- .../optee/optee-client/tee-supplicant.service | 11 ---- recipes-security/optee/optee-os-qoriq_3.13.0.bb | 28 -------- recipes-security/optee/optee-os.nxp.inc | 75 ---------------------- recipes-security/optee/optee-test-qoriq_3.13.0.bb | 13 ---- recipes-security/optee/optee-test.nxp.inc | 61 ------------------ 14 files changed, 246 insertions(+), 246 deletions(-) create mode 100644 recipes-security/optee-qoriq/optee-client-qoriq_3.13.0.bb create mode 100644 recipes-security/optee-qoriq/optee-client.nxp.inc create mode 100644 recipes-security/optee-qoriq/optee-client/tee-supplicant.service create mode 100644 recipes-security/optee-qoriq/optee-os-qoriq_3.13.0.bb create mode 100644 recipes-security/optee-qoriq/optee-os.nxp.inc create mode 100644 recipes-security/optee-qoriq/optee-test-qoriq_3.13.0.bb create mode 100644 recipes-security/optee-qoriq/optee-test.nxp.inc delete mode 100644 recipes-security/optee/optee-client-qoriq_3.13.0.bb delete mode 100644 recipes-security/optee/optee-client.nxp.inc delete mode 100644 recipes-security/optee/optee-client/tee-supplicant.service delete mode 100644 recipes-security/optee/optee-os-qoriq_3.13.0.bb delete mode 100644 recipes-security/optee/optee-os.nxp.inc delete mode 100644 recipes-security/optee/optee-test-qoriq_3.13.0.bb delete mode 100644 recipes-security/optee/optee-test.nxp.inc diff --git a/recipes-security/optee-qoriq/optee-client-qoriq_3.13.0.bb b/recipes-security/optee-qoriq/optee-client-qoriq_3.13.0.bb new file mode 100644 index 00000000..94123e43 --- /dev/null +++ b/recipes-security/optee-qoriq/optee-client-qoriq_3.13.0.bb @@ -0,0 +1,5 @@ +require optee-client.nxp.inc + +PV:append = "+git${SRCPV}" + +COMPATIBLE_MACHINE = "(qoriq-arm64)" diff --git a/recipes-security/optee-qoriq/optee-client.nxp.inc b/recipes-security/optee-qoriq/optee-client.nxp.inc new file mode 100644 index 00000000..fa187e84 --- /dev/null +++ b/recipes-security/optee-qoriq/optee-client.nxp.inc @@ -0,0 +1,53 @@ +# Copyright 2020-2021 NXP + +SUMMARY = "OPTEE Client libs" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b" + +inherit python3native systemd + +SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_client.git;nobranch=1" +SRCREV = "7c9c423d00e96bf51debd5fe10fd70dce83be5cc" + +FILESEXTRAPATHS:prepend := "${THISDIR}/optee-client:" +SRC_URI += "file://tee-supplicant.service" + +S = "${WORKDIR}/git" +B = "${WORKDIR}/build" + +OPTEE_ARCH ?= "arm32" +OPTEE_ARCH:armv7a = "arm32" +OPTEE_ARCH:aarch64 = "arm64" + +EXTRA_OEMAKE = "ARCH=${OPTEE_ARCH} O=${B}" + +do_install () { + oe_runmake -C ${S} install + + install -d ${D}${libdir}/ + install -p -m0644 ${B}/export${libdir}/libteec.so.1.0.0 ${D}${libdir}/ + ln -sf libteec.so.1.0.0 ${D}${libdir}/libteec.so.1.0 + ln -sf libteec.so.1.0.0 ${D}${libdir}/libteec.so.1 + ln -sf libteec.so.1 ${D}${libdir}/libteec.so + + install -D -p -m0644 ${B}/export/usr/lib/libckteec.so.0.1.0 ${D}${libdir}/libckteec.so.0.1.0 + ln -sf libckteec.so.0.1.0 ${D}${libdir}/libckteec.so.0.1 + ln -sf libckteec.so.0.1.0 ${D}${libdir}/libckteec.so.0 + ln -sf libckteec.so.0.1.0 ${D}${libdir}/libckteec.so + + install -D -p -m0755 ${B}/export/usr/sbin/tee-supplicant ${D}${bindir}/tee-supplicant + + cp -a ${B}/export/usr/include ${D}${includedir} + + install -d ${D}${systemd_system_unitdir}/ + install -m0644 ${WORKDIR}/tee-supplicant.service ${D}${systemd_system_unitdir}/ + sed -i -e s:/etc:${sysconfdir}:g -e s:/usr/bin:${bindir}:g ${D}${systemd_system_unitdir}/tee-supplicant.service +} + +SYSTEMD_SERVICE:${PN} = "tee-supplicant.service" + +FILES:${PN} += "${libdir}/* ${includedir}/*" + +INSANE_SKIP:${PN} = "ldflags dev-elf" +INSANE_SKIP:${PN}-dev = "ldflags dev-elf" diff --git a/recipes-security/optee-qoriq/optee-client/tee-supplicant.service b/recipes-security/optee-qoriq/optee-client/tee-supplicant.service new file mode 100644 index 00000000..0e2b4f6b --- /dev/null +++ b/recipes-security/optee-qoriq/optee-client/tee-supplicant.service @@ -0,0 +1,11 @@ +[Unit] +Description=TEE Supplicant + +[Service] +User=root +EnvironmentFile=-/etc/default/tee-supplicant +ExecStart=/usr/bin/tee-supplicant $OPTARGS + +[Install] +WantedBy=basic.target + diff --git a/recipes-security/optee-qoriq/optee-os-qoriq_3.13.0.bb b/recipes-security/optee-qoriq/optee-os-qoriq_3.13.0.bb new file mode 100644 index 00000000..3c3652d3 --- /dev/null +++ b/recipes-security/optee-qoriq/optee-os-qoriq_3.13.0.bb @@ -0,0 +1,28 @@ +require optee-os.nxp.inc + +PV:append = "+git${SRCPV}" + +PLATFORM_FLAVOR:ls1088ardb-pb = "ls1088ardb" +PLATFORM_FLAVOR:ls1046afrwy = "ls1046ardb" +PLATFORM_FLAVOR:lx2162aqds = "lx2160aqds" + +EXTRA_OEMAKE += " \ + PLATFORM=ls \ + CFG_ARM64_core=y \ +" + +do_compile:append:ls1012afrwy() { + mv ${B}/core/tee-raw.bin ${B}/core/tee_512mb.bin + oe_runmake CFG_DRAM0_SIZE=0x40000000 all +} + +do_install:append:qoriq() { + install -m 644 ${B}/core/tee-raw.bin ${D}${nonarch_base_libdir}/firmware/tee_${MACHINE}.bin +} + +do_install:append:ls1012afrwy() { + install -m 644 ${B}/core/tee_512mb.bin ${D}${nonarch_base_libdir}/firmware/tee_${MACHINE}_512mb.bin +} + +INHIBIT_PACKAGE_STRIP = "1" +COMPATIBLE_MACHINE = "(qoriq-arm64)" diff --git a/recipes-security/optee-qoriq/optee-os.nxp.inc b/recipes-security/optee-qoriq/optee-os.nxp.inc new file mode 100644 index 00000000..72af6ca4 --- /dev/null +++ b/recipes-security/optee-qoriq/optee-os.nxp.inc @@ -0,0 +1,75 @@ +# Copyright 2020-2021 NXP + +SUMMARY = "OPTEE OS" +DESCRIPTION = "OPTEE OS" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=c1f21c4f72f372ef38a5a4aee55ec173" + +inherit deploy python3native autotools +DEPENDS = "python3-pycryptodome-native python3-pyelftools-native python3-pycryptodomex-native dtc-native" + +SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_os.git;nobranch=1" +SRCREV = "735d98806dc26fbeeecad7f5e60ffeab8170c67e" + +S = "${WORKDIR}/git" +B = "${WORKDIR}/build.${PLATFORM_FLAVOR}" + +PLATFORM_FLAVOR ?= "${MACHINE}" + +OPTEE_ARCH ?= "arm64" +OPTEE_ARCH:armv7a = "arm32" +OPTEE_ARCH:aarch64 = "arm64" + +OPTEE_CORE_LOG_LEVEL ?= "1" +OPTEE_TA_LOG_LEVEL ?= "0" + +# Optee-os can be built for 32 bits and 64 bits at the same time +# as long as the compilers are correctly defined. +# For 64bits, CROSS_COMPILE64 must be set +# When defining CROSS_COMPILE and CROSS_COMPILE64, we assure that +# any 32 or 64 bits builds will pass +EXTRA_OEMAKE = " \ + -C ${S} O=${B} \ + PLATFORM_FLAVOR=${PLATFORM_FLAVOR} \ + CROSS_COMPILE=${HOST_PREFIX} \ + CROSS_COMPILE64=${HOST_PREFIX} \ + CFG_WERROR=y \ + CFG_TEE_CORE_LOG_LEVEL=${OPTEE_CORE_LOG_LEVEL} \ + CFG_TEE_TA_LOG_LEVEL=${OPTEE_TA_LOG_LEVEL} \ +" + +do_compile() { + unset LDFLAGS + export CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_HOST}" + oe_runmake all +} + +do_install() { + install -d ${D}${nonarch_base_libdir}/firmware/ + install -m 644 ${B}/core/*.bin ${D}${nonarch_base_libdir}/firmware/ + + # Install the TA devkit + install -d ${D}${includedir}/optee/export-user_ta/ + + for f in ${B}/export-ta_${OPTEE_ARCH}/*; do + cp -aR $f ${D}${includedir}/optee/export-user_ta/ + done + + install -d ${D}${nonarch_base_libdir}/optee_armtz + find ${B}/export-ta_${OPTEE_ARCH}/ta -name '*.ta' | while read name; do + install -m 444 $name ${D}${nonarch_base_libdir}/optee_armtz/ + done +} + +do_deploy() { + install -d ${DEPLOYDIR}/optee + install -m 644 ${D}${nonarch_base_libdir}/firmware/* ${DEPLOYDIR}/optee/ +} +addtask deploy before do_build after do_install + +FILES:${PN} = "${nonarch_base_libdir}/firmware/ ${nonarch_base_libdir}/optee_armtz/" +FILES:${PN}-staticdev = "/usr/include/optee/" +RDEPENDS:${PN}-dev += "${PN}-staticdev" + +PACKAGE_ARCH = "${MACHINE_ARCH}" diff --git a/recipes-security/optee-qoriq/optee-test-qoriq_3.13.0.bb b/recipes-security/optee-qoriq/optee-test-qoriq_3.13.0.bb new file mode 100644 index 00000000..69ef73d3 --- /dev/null +++ b/recipes-security/optee-qoriq/optee-test-qoriq_3.13.0.bb @@ -0,0 +1,13 @@ +require optee-test.nxp.inc + +PV:append = "+git${SRCPV}" + +DEPENDS += "optee-client-qoriq optee-os-qoriq" + +TEEC_EXPORT = "${STAGING_DIR_HOST}${prefix}" + +EXTRA_OEMAKE += " \ + TEEC_EXPORT=${TEEC_EXPORT} \ +" + +COMPATIBLE_MACHINE = "(qoriq-arm64)" diff --git a/recipes-security/optee-qoriq/optee-test.nxp.inc b/recipes-security/optee-qoriq/optee-test.nxp.inc new file mode 100644 index 00000000..e3ba0c8e --- /dev/null +++ b/recipes-security/optee-qoriq/optee-test.nxp.inc @@ -0,0 +1,61 @@ +# Copyright 2020-2021 NXP + +SUMMARY = "OPTEE test" +HOMEPAGE = "http://www.optee.org/" + +LICENSE = "BSD & GPL-2.0-only" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=daa2bcccc666345ab8940aab1315a4fa" + +DEPENDS = "python3-pycryptodome-native python3-pycryptodomex-native openssl" +inherit python3native cmake + +SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_test.git;nobranch=1" +SRCREV = "69722dab8c1f2683e30e0ee3b536053367e37aad" + +S = "${WORKDIR}/git" +B = "${WORKDIR}/build" + +TA_DEV_KIT_DIR ?= "${STAGING_INCDIR}/optee/export-user_ta" +OPTEE_CLIENT_EXPORT ?= "${STAGING_DIR_HOST}${prefix}" + +EXTRA_OEMAKE = " \ + TA_DEV_KIT_DIR=${TA_DEV_KIT_DIR} \ + OPTEE_CLIENT_EXPORT=${OPTEE_CLIENT_EXPORT} \ + CROSS_COMPILE_HOST=${HOST_PREFIX} \ + CROSS_COMPILE_TA=${HOST_PREFIX} \ + OPTEE_OPENSSL_EXPORT=${STAGING_INCDIR}/ \ + -C ${S} O=${B} \ +" + +EXTRA_OECMAKE = " \ + -DOPTEE_TEST_SDK=${TA_DEV_KIT_DIR} \ +" + +do_compile() { + export CXXFLAGS="${CXXFLAGS} --sysroot=${STAGING_DIR_HOST}" + oe_runmake xtest + oe_runmake ta + oe_runmake test_plugin +} + +do_install() { + install -d ${D}${bindir}/ + install ${B}/xtest/xtest ${D}${bindir}/ + + install -d ${D}${nonarch_base_libdir}/optee_armtz + find ${B}/ta -name '*.ta' | while read name; do + install -m 444 $name ${D}${nonarch_base_libdir}/optee_armtz/ + done + + install -d ${D}${libdir}/tee-supplicant/plugins/ + find ${B}/supp_plugin -name '*.plugin' | while read name; do + install -m 755 $name ${D}${libdir}/tee-supplicant/plugins/ + done +} + +FILES:${PN} += "${nonarch_base_libdir} ${libdir}/tee-supplicant/plugins/" + +DEBUG_OPTIMIZATION:append = " -Wno-error=maybe-uninitialized -Wno-deprecated-declarations" +FULL_OPTIMIZATION:append = " -Wno-error=maybe-uninitialized -Wno-deprecated-declarations" + +PACKAGE_ARCH = "${MACHINE_ARCH}" diff --git a/recipes-security/optee/optee-client-qoriq_3.13.0.bb b/recipes-security/optee/optee-client-qoriq_3.13.0.bb deleted file mode 100644 index 94123e43..00000000 --- a/recipes-security/optee/optee-client-qoriq_3.13.0.bb +++ /dev/null @@ -1,5 +0,0 @@ -require optee-client.nxp.inc - -PV:append = "+git${SRCPV}" - -COMPATIBLE_MACHINE = "(qoriq-arm64)" diff --git a/recipes-security/optee/optee-client.nxp.inc b/recipes-security/optee/optee-client.nxp.inc deleted file mode 100644 index fa187e84..00000000 --- a/recipes-security/optee/optee-client.nxp.inc +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright 2020-2021 NXP - -SUMMARY = "OPTEE Client libs" -HOMEPAGE = "http://www.optee.org/" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b" - -inherit python3native systemd - -SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_client.git;nobranch=1" -SRCREV = "7c9c423d00e96bf51debd5fe10fd70dce83be5cc" - -FILESEXTRAPATHS:prepend := "${THISDIR}/optee-client:" -SRC_URI += "file://tee-supplicant.service" - -S = "${WORKDIR}/git" -B = "${WORKDIR}/build" - -OPTEE_ARCH ?= "arm32" -OPTEE_ARCH:armv7a = "arm32" -OPTEE_ARCH:aarch64 = "arm64" - -EXTRA_OEMAKE = "ARCH=${OPTEE_ARCH} O=${B}" - -do_install () { - oe_runmake -C ${S} install - - install -d ${D}${libdir}/ - install -p -m0644 ${B}/export${libdir}/libteec.so.1.0.0 ${D}${libdir}/ - ln -sf libteec.so.1.0.0 ${D}${libdir}/libteec.so.1.0 - ln -sf libteec.so.1.0.0 ${D}${libdir}/libteec.so.1 - ln -sf libteec.so.1 ${D}${libdir}/libteec.so - - install -D -p -m0644 ${B}/export/usr/lib/libckteec.so.0.1.0 ${D}${libdir}/libckteec.so.0.1.0 - ln -sf libckteec.so.0.1.0 ${D}${libdir}/libckteec.so.0.1 - ln -sf libckteec.so.0.1.0 ${D}${libdir}/libckteec.so.0 - ln -sf libckteec.so.0.1.0 ${D}${libdir}/libckteec.so - - install -D -p -m0755 ${B}/export/usr/sbin/tee-supplicant ${D}${bindir}/tee-supplicant - - cp -a ${B}/export/usr/include ${D}${includedir} - - install -d ${D}${systemd_system_unitdir}/ - install -m0644 ${WORKDIR}/tee-supplicant.service ${D}${systemd_system_unitdir}/ - sed -i -e s:/etc:${sysconfdir}:g -e s:/usr/bin:${bindir}:g ${D}${systemd_system_unitdir}/tee-supplicant.service -} - -SYSTEMD_SERVICE:${PN} = "tee-supplicant.service" - -FILES:${PN} += "${libdir}/* ${includedir}/*" - -INSANE_SKIP:${PN} = "ldflags dev-elf" -INSANE_SKIP:${PN}-dev = "ldflags dev-elf" diff --git a/recipes-security/optee/optee-client/tee-supplicant.service b/recipes-security/optee/optee-client/tee-supplicant.service deleted file mode 100644 index 0e2b4f6b..00000000 --- a/recipes-security/optee/optee-client/tee-supplicant.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=TEE Supplicant - -[Service] -User=root -EnvironmentFile=-/etc/default/tee-supplicant -ExecStart=/usr/bin/tee-supplicant $OPTARGS - -[Install] -WantedBy=basic.target - diff --git a/recipes-security/optee/optee-os-qoriq_3.13.0.bb b/recipes-security/optee/optee-os-qoriq_3.13.0.bb deleted file mode 100644 index 3c3652d3..00000000 --- a/recipes-security/optee/optee-os-qoriq_3.13.0.bb +++ /dev/null @@ -1,28 +0,0 @@ -require optee-os.nxp.inc - -PV:append = "+git${SRCPV}" - -PLATFORM_FLAVOR:ls1088ardb-pb = "ls1088ardb" -PLATFORM_FLAVOR:ls1046afrwy = "ls1046ardb" -PLATFORM_FLAVOR:lx2162aqds = "lx2160aqds" - -EXTRA_OEMAKE += " \ - PLATFORM=ls \ - CFG_ARM64_core=y \ -" - -do_compile:append:ls1012afrwy() { - mv ${B}/core/tee-raw.bin ${B}/core/tee_512mb.bin - oe_runmake CFG_DRAM0_SIZE=0x40000000 all -} - -do_install:append:qoriq() { - install -m 644 ${B}/core/tee-raw.bin ${D}${nonarch_base_libdir}/firmware/tee_${MACHINE}.bin -} - -do_install:append:ls1012afrwy() { - install -m 644 ${B}/core/tee_512mb.bin ${D}${nonarch_base_libdir}/firmware/tee_${MACHINE}_512mb.bin -} - -INHIBIT_PACKAGE_STRIP = "1" -COMPATIBLE_MACHINE = "(qoriq-arm64)" diff --git a/recipes-security/optee/optee-os.nxp.inc b/recipes-security/optee/optee-os.nxp.inc deleted file mode 100644 index 72af6ca4..00000000 --- a/recipes-security/optee/optee-os.nxp.inc +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright 2020-2021 NXP - -SUMMARY = "OPTEE OS" -DESCRIPTION = "OPTEE OS" -HOMEPAGE = "http://www.optee.org/" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=c1f21c4f72f372ef38a5a4aee55ec173" - -inherit deploy python3native autotools -DEPENDS = "python3-pycryptodome-native python3-pyelftools-native python3-pycryptodomex-native dtc-native" - -SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_os.git;nobranch=1" -SRCREV = "735d98806dc26fbeeecad7f5e60ffeab8170c67e" - -S = "${WORKDIR}/git" -B = "${WORKDIR}/build.${PLATFORM_FLAVOR}" - -PLATFORM_FLAVOR ?= "${MACHINE}" - -OPTEE_ARCH ?= "arm64" -OPTEE_ARCH:armv7a = "arm32" -OPTEE_ARCH:aarch64 = "arm64" - -OPTEE_CORE_LOG_LEVEL ?= "1" -OPTEE_TA_LOG_LEVEL ?= "0" - -# Optee-os can be built for 32 bits and 64 bits at the same time -# as long as the compilers are correctly defined. -# For 64bits, CROSS_COMPILE64 must be set -# When defining CROSS_COMPILE and CROSS_COMPILE64, we assure that -# any 32 or 64 bits builds will pass -EXTRA_OEMAKE = " \ - -C ${S} O=${B} \ - PLATFORM_FLAVOR=${PLATFORM_FLAVOR} \ - CROSS_COMPILE=${HOST_PREFIX} \ - CROSS_COMPILE64=${HOST_PREFIX} \ - CFG_WERROR=y \ - CFG_TEE_CORE_LOG_LEVEL=${OPTEE_CORE_LOG_LEVEL} \ - CFG_TEE_TA_LOG_LEVEL=${OPTEE_TA_LOG_LEVEL} \ -" - -do_compile() { - unset LDFLAGS - export CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_HOST}" - oe_runmake all -} - -do_install() { - install -d ${D}${nonarch_base_libdir}/firmware/ - install -m 644 ${B}/core/*.bin ${D}${nonarch_base_libdir}/firmware/ - - # Install the TA devkit - install -d ${D}${includedir}/optee/export-user_ta/ - - for f in ${B}/export-ta_${OPTEE_ARCH}/*; do - cp -aR $f ${D}${includedir}/optee/export-user_ta/ - done - - install -d ${D}${nonarch_base_libdir}/optee_armtz - find ${B}/export-ta_${OPTEE_ARCH}/ta -name '*.ta' | while read name; do - install -m 444 $name ${D}${nonarch_base_libdir}/optee_armtz/ - done -} - -do_deploy() { - install -d ${DEPLOYDIR}/optee - install -m 644 ${D}${nonarch_base_libdir}/firmware/* ${DEPLOYDIR}/optee/ -} -addtask deploy before do_build after do_install - -FILES:${PN} = "${nonarch_base_libdir}/firmware/ ${nonarch_base_libdir}/optee_armtz/" -FILES:${PN}-staticdev = "/usr/include/optee/" -RDEPENDS:${PN}-dev += "${PN}-staticdev" - -PACKAGE_ARCH = "${MACHINE_ARCH}" diff --git a/recipes-security/optee/optee-test-qoriq_3.13.0.bb b/recipes-security/optee/optee-test-qoriq_3.13.0.bb deleted file mode 100644 index 69ef73d3..00000000 --- a/recipes-security/optee/optee-test-qoriq_3.13.0.bb +++ /dev/null @@ -1,13 +0,0 @@ -require optee-test.nxp.inc - -PV:append = "+git${SRCPV}" - -DEPENDS += "optee-client-qoriq optee-os-qoriq" - -TEEC_EXPORT = "${STAGING_DIR_HOST}${prefix}" - -EXTRA_OEMAKE += " \ - TEEC_EXPORT=${TEEC_EXPORT} \ -" - -COMPATIBLE_MACHINE = "(qoriq-arm64)" diff --git a/recipes-security/optee/optee-test.nxp.inc b/recipes-security/optee/optee-test.nxp.inc deleted file mode 100644 index e3ba0c8e..00000000 --- a/recipes-security/optee/optee-test.nxp.inc +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright 2020-2021 NXP - -SUMMARY = "OPTEE test" -HOMEPAGE = "http://www.optee.org/" - -LICENSE = "BSD & GPL-2.0-only" -LIC_FILES_CHKSUM = "file://LICENSE.md;md5=daa2bcccc666345ab8940aab1315a4fa" - -DEPENDS = "python3-pycryptodome-native python3-pycryptodomex-native openssl" -inherit python3native cmake - -SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_test.git;nobranch=1" -SRCREV = "69722dab8c1f2683e30e0ee3b536053367e37aad" - -S = "${WORKDIR}/git" -B = "${WORKDIR}/build" - -TA_DEV_KIT_DIR ?= "${STAGING_INCDIR}/optee/export-user_ta" -OPTEE_CLIENT_EXPORT ?= "${STAGING_DIR_HOST}${prefix}" - -EXTRA_OEMAKE = " \ - TA_DEV_KIT_DIR=${TA_DEV_KIT_DIR} \ - OPTEE_CLIENT_EXPORT=${OPTEE_CLIENT_EXPORT} \ - CROSS_COMPILE_HOST=${HOST_PREFIX} \ - CROSS_COMPILE_TA=${HOST_PREFIX} \ - OPTEE_OPENSSL_EXPORT=${STAGING_INCDIR}/ \ - -C ${S} O=${B} \ -" - -EXTRA_OECMAKE = " \ - -DOPTEE_TEST_SDK=${TA_DEV_KIT_DIR} \ -" - -do_compile() { - export CXXFLAGS="${CXXFLAGS} --sysroot=${STAGING_DIR_HOST}" - oe_runmake xtest - oe_runmake ta - oe_runmake test_plugin -} - -do_install() { - install -d ${D}${bindir}/ - install ${B}/xtest/xtest ${D}${bindir}/ - - install -d ${D}${nonarch_base_libdir}/optee_armtz - find ${B}/ta -name '*.ta' | while read name; do - install -m 444 $name ${D}${nonarch_base_libdir}/optee_armtz/ - done - - install -d ${D}${libdir}/tee-supplicant/plugins/ - find ${B}/supp_plugin -name '*.plugin' | while read name; do - install -m 755 $name ${D}${libdir}/tee-supplicant/plugins/ - done -} - -FILES:${PN} += "${nonarch_base_libdir} ${libdir}/tee-supplicant/plugins/" - -DEBUG_OPTIMIZATION:append = " -Wno-error=maybe-uninitialized -Wno-deprecated-declarations" -FULL_OPTIMIZATION:append = " -Wno-error=maybe-uninitialized -Wno-deprecated-declarations" - -PACKAGE_ARCH = "${MACHINE_ARCH}" -- cgit v1.2.3-54-g00ecf