1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
|
require qoriq-atf-${PV}.inc
DESCRIPTION = "ARM Trusted Firmware"
inherit deploy
DEPENDS += "cst-native"
do_compile[depends] += "u-boot:do_deploy rcw:do_deploy ddr-phy:do_deploy"
PACKAGE_ARCH = "${MACHINE_ARCH}"
PLATFORM = "${MACHINE}"
MBEDTLS_FOLDER ?= "${S}/mbedtls"
RCW_FOLDER ?= "${MACHINE}"
# requires CROSS_COMPILE set by hand as there is no configure script
export CROSS_COMPILE="${TARGET_PREFIX}"
export ARCH="arm64"
# Let the Makefile handle setting up the CFLAGS and LDFLAGS as it is
# a standalone application
CFLAGS[unexport] = "1"
LDFLAGS[unexport] = "1"
AS[unexport] = "1"
LD[unexport] = "1"
EXTRA_OEMAKE += "HOSTCC='${BUILD_CC} ${BUILD_CPPFLAGS} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}'"
BOOTTYPE ?= "flexspi_nor sd emmc"
ARM_COT = "${@bb.utils.contains('DISTRO_FEATURES', 'arm-cot', 'true', 'false', d)}"
NXP_COT = "${@bb.utils.contains('DISTRO_FEATURES', 'secure', 'true', 'false', d)}"
BUILD_OPTEE = "${@bb.utils.contains('COMBINED_FEATURES', 'optee', 'true', 'false', d)}"
PACKAGECONFIG ??= " \
${@bb.utils.contains('DISTRO_FEATURES', 'arm-cot', 'optee', '', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'secure', 'optee', '', d)} \
${@bb.utils.filter('COMBINED_FEATURES', 'optee', d)} \
"
PACKAGECONFIG[optee] = ",,optee-os-qoriq"
uboot_sec ?= "${DEPLOY_DIR_IMAGE}/u-boot.bin-tfa-secure-boot"
uboot ?= "${DEPLOY_DIR_IMAGE}/u-boot.bin-tfa"
do_configure[noexec] = "1"
do_compile() {
if [ "${NXP_COT}" = "true" -a "${ARM_COT}" = "true" ]; then
bbfatal " \
Error!, Both ARM CoT and NXP CoT are enabled. Only one CoT is built in a yocto build, \
Don't add nxp-cot and arm-cot into DISTRO_FEATURES_append at the same time."
fi
if [ "${NXP_COT}" = "true" ]; then
rm -fr ${S}/nxp-cot
mkdir -p ${S}/nxp-cot
outputdir="${S}/nxp-cot"
elif [ "${ARM_COT}" = "true" ]; then
rm -fr ${S}/arm-cot
mkdir -p ${S}/arm-cot
outputdir="${S}/arm-cot"
else
outputdir="${S}"
fi
if [ "${NXP_COT}" = "true" -o "${ARM_COT}" = "true" ]; then
if [ ! -f ${RECIPE_SYSROOT_NATIVE}/usr/bin/cst/srk.pri ]; then
${RECIPE_SYSROOT_NATIVE}/usr/bin/cst/gen_keys 1024
else
cp ${RECIPE_SYSROOT_NATIVE}/usr/bin/cst/srk.pri ${S}
cp ${RECIPE_SYSROOT_NATIVE}/usr/bin/cst/srk.pub ${S}
fi
bl32="${RECIPE_SYSROOT}${nonarch_base_libdir}/firmware/tee_${MACHINE}.bin"
bl33="${uboot_sec}"
secext="_sec"
else
bl33="${uboot}"
fi
for d in ${BOOTTYPE}; do
case $d in
sd)
rcwimg="${RCWSD}.bin"
;;
emmc)
rcwimg="${RCWEMMC}.bin"
;;
flexspi_nor)
rcwimg="${RCWXSPI}.bin"
;;
esac
if [ -f "${DEPLOY_DIR_IMAGE}/rcw/${RCW_FOLDER}/${rcwimg}" ]; then
oe_runmake V=1 -C ${S} realclean
if [ "${ARM_COT}" = "true" ]; then
mkdir -p ${S}/build/${PLATFORM}/release
if [ -f ${outputdir}/rot_key.pem ]; then
cp -fr ${outputdir}/*.pem ${S}/build/${PLATFORM}/release
fi
oe_runmake V=1 -C ${S} fip pbl PLAT=${PLATFORM} BOOT_MODE=${d} SPD=opteed BL32=${bl32} \
BL33=${bl33} RCW=${DEPLOY_DIR_IMAGE}/rcw/${RCW_FOLDER}/${rcwimg} TRUSTED_BOARD_BOOT=1 \
GENERATE_COT=1 MBEDTLS_DIR=${MBEDTLS_FOLDER} CST_DIR=${RECIPE_SYSROOT_NATIVE}/usr/bin/cst
if [ ! -f ${outputdir}/ddr_fip_sec.bin ]; then
oe_runmake V=1 -C ${S} fip_ddr PLAT=${PLATFORM} TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 \
MBEDTLS_DIR=${MBEDTLS_FOLDER} DDR_PHY_BIN_PATH=${DEPLOY_DIR_IMAGE}/ddr-phy
cp -r ${S}/build/${PLATFORM}/release/ddr_fip_sec.bin ${outputdir}
cp -r ${S}/build/${PLATFORM}/release/*.pem ${outputdir}
fi
elif [ "${NXP_COT}" = "true" ]; then
oe_runmake V=1 -C ${S} fip pbl PLAT=${PLATFORM} BOOT_MODE=${d} SPD=opteed BL32=${bl32} \
BL33=${bl33} RCW=${DEPLOY_DIR_IMAGE}/rcw/${RCW_FOLDER}/${rcwimg} TRUSTED_BOARD_BOOT=1 \
CST_DIR=${RECIPE_SYSROOT_NATIVE}/usr/bin/cst
if [ ! -f ${outputdir}/ddr_fip_sec.bin ]; then
oe_runmake V=1 -C ${S} fip_ddr PLAT=${PLATFORM} TRUSTED_BOARD_BOOT=1 \
CST_DIR=${RECIPE_SYSROOT_NATIVE}/usr/bin/cst DDR_PHY_BIN_PATH=${DEPLOY_DIR_IMAGE}/ddr-phy
cp -r ${S}/build/${PLATFORM}/release/ddr_fip_sec.bin ${outputdir}
fi
elif [ "${BUILD_OPTEE}" = "true" ]; then
bl32="${RECIPE_SYSROOT}${nonarch_base_libdir}/firmware/tee_${MACHINE}.bin"
oe_runmake V=1 -C ${S} all fip pbl PLAT=${PLATFORM} BOOT_MODE=${d} SPD=opteed BL32=${bl32} \
RCW=${DEPLOY_DIR_IMAGE}/rcw/${RCW_FOLDER}/${rcwimg} BL33=${bl33}
else
oe_runmake V=1 -C ${S} all fip pbl PLAT=${PLATFORM} BOOT_MODE=${d} \
RCW=${DEPLOY_DIR_IMAGE}/rcw/${RCW_FOLDER}/${rcwimg} BL33=${bl33}
fi
cp -r ${S}/build/${PLATFORM}/release/bl2_${d}${secext}.pbl ${outputdir}
cp -r ${S}/build/${PLATFORM}/release/fip.bin ${outputdir}
fi
rcwimg=""
done
}
do_install() {
install -d ${D}/boot/atf
if [ "${ARM_COT}" = "true" ]; then
outputdir="${S}/arm-cot"
secext="_sec"
elif [ "${NXP_COT}" = "true" ]; then
outputdir="${S}/nxp-cot"
secext="_sec"
else
outputdir="${S}"
fi
if [ -f "${outputdir}/fip.bin" ]; then
cp -r ${outputdir}/fip.bin ${D}/boot/atf/fip_uboot${secext}.bin
fi
if [ -f "${outputdir}/ddr_fip_sec.bin" ]; then
cp -r ${outputdir}/ddr_fip_sec.bin ${D}/boot/atf/
fi
for d in ${BOOTTYPE}; do
if [ -e ${outputdir}/bl2_${d}${secext}.pbl ]; then
cp -r ${outputdir}/bl2_${d}${secext}.pbl ${D}/boot/atf/bl2_${d}${secext}.pbl
fi
done
chown -R root:root ${D}
}
do_deploy() {
if [ "${ARM_COT}" = "true" ]; then
outputdir="atf_arm-cot"
elif [ "${NXP_COT}" = "true" ]; then
outputdir="atf_nxp-cot"
else
outputdir="atf"
fi
install -d ${DEPLOYDIR}/${outputdir}
cp -fr ${D}/boot/atf/* ${DEPLOYDIR}/${outputdir}/
}
addtask deploy after do_install
FILES_${PN} += "/boot"
COMPATIBLE_MACHINE = "(lx2160a|lx2162a)"
|
