summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRyan Eatmon <reatmon@ti.com>2023-03-29 15:35:01 -0500
committerRyan Eatmon <reatmon@ti.com>2023-03-31 09:25:19 -0500
commit72cd51fa11b1f5cc9f252163792cdf495a5b1090 (patch)
tree67fc2442064209775390328648d4cac5dabd0936
parentaeb44bbe5335aa9b84b9315744c3a7dee4454a6d (diff)
downloadmeta-ti-72cd51fa11b1f5cc9f252163792cdf495a5b1090.tar.gz
optee-os: Only sign files for platforms that support it
We are seeing some testing issues where the new code that signs all of the files at all times is causing issues. So rollback the logic and only sign for platforms that support it. Signed-off-by: Ryan Eatmon <reatmon@ti.com>
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend44
1 files changed, 43 insertions, 1 deletions
diff --git a/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend b/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend
index 0c5a6b21..4f052996 100644
--- a/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend
+++ b/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend
@@ -6,6 +6,12 @@ EXTRA_OEMAKE:append:k3 = "${@ ' CFG_CONSOLE_UART='+ d.getVar('OPTEE_K3_USART') i
6EXTRA_OEMAKE:append:am62xx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1" 6EXTRA_OEMAKE:append:am62xx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
7EXTRA_OEMAKE:append:am62axx = " CFG_TEE_CORE_LOG_LEVEL=1" 7EXTRA_OEMAKE:append:am62axx = " CFG_TEE_CORE_LOG_LEVEL=1"
8 8
9do_compile:append:k3() {
10 cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin
11 cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin.unsigned
12 cp ${B}/core/tee.elf ${B}/bl32.elf
13}
14
9# Signing procedure for legacy HS devices 15# Signing procedure for legacy HS devices
10optee_sign_legacyhs() { 16optee_sign_legacyhs() {
11 ( cd ${B}/core/; \ 17 ( cd ${B}/core/; \
@@ -34,12 +40,48 @@ do_compile:append:dra7xx() {
34} 40}
35 41
36# Signing procedure for K3 devices 42# Signing procedure for K3 devices
37do_compile:append:k3() { 43optee_sign_k3hs() {
38 ${TI_SECURE_DEV_PKG}/scripts/secure-binary-image.sh ${B}/core/tee-pager_v2.bin ${B}/bl32.bin 44 ${TI_SECURE_DEV_PKG}/scripts/secure-binary-image.sh ${B}/core/tee-pager_v2.bin ${B}/bl32.bin
39 cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin.unsigned 45 cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin.unsigned
40 cp ${B}/core/tee.elf ${B}/bl32.elf 46 cp ${B}/core/tee.elf ${B}/bl32.elf
41} 47}
42 48
49do_compile:append:am65xx-hs-evm() {
50 optee_sign_k3hs
51}
52
53do_compile:append:am64xx-evm() {
54 optee_sign_k3hs
55}
56
57do_compile:append:am62xx-evm() {
58 optee_sign_k3hs
59}
60
61do_compile:append:am62xx-lp-evm() {
62 optee_sign_k3hs
63}
64
65do_compile:append:am62axx-evm() {
66 optee_sign_k3hs
67}
68
69do_compile:append:j721e-hs-evm() {
70 optee_sign_k3hs
71}
72
73do_compile:append:j7200-hs-evm() {
74 optee_sign_k3hs
75}
76
77do_compile:append:j721s2-hs-evm() {
78 optee_sign_k3hs
79}
80
81do_compile:append:j784s4-hs-evm() {
82 optee_sign_k3hs
83}
84
43do_install:append:ti-soc() { 85do_install:append:ti-soc() {
44 install -m 644 ${B}/*.optee ${D}${nonarch_base_libdir}/firmware/ || true 86 install -m 644 ${B}/*.optee ${D}${nonarch_base_libdir}/firmware/ || true
45 install -m 644 ${B}/bl32.bin ${D}${nonarch_base_libdir}/firmware/ || true 87 install -m 644 ${B}/bl32.bin ${D}${nonarch_base_libdir}/firmware/ || true