diff options
author | Ryan Eatmon <reatmon@ti.com> | 2023-03-29 15:35:01 -0500 |
---|---|---|
committer | Ryan Eatmon <reatmon@ti.com> | 2023-03-31 09:25:19 -0500 |
commit | 72cd51fa11b1f5cc9f252163792cdf495a5b1090 (patch) | |
tree | 67fc2442064209775390328648d4cac5dabd0936 | |
parent | aeb44bbe5335aa9b84b9315744c3a7dee4454a6d (diff) | |
download | meta-ti-72cd51fa11b1f5cc9f252163792cdf495a5b1090.tar.gz |
optee-os: Only sign files for platforms that support it
We are seeing some testing issues where the new code that signs all of
the files at all times is causing issues. So rollback the logic and
only sign for platforms that support it.
Signed-off-by: Ryan Eatmon <reatmon@ti.com>
-rw-r--r-- | meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend | 44 |
1 files changed, 43 insertions, 1 deletions
diff --git a/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend b/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend index 0c5a6b21..4f052996 100644 --- a/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend +++ b/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend | |||
@@ -6,6 +6,12 @@ EXTRA_OEMAKE:append:k3 = "${@ ' CFG_CONSOLE_UART='+ d.getVar('OPTEE_K3_USART') i | |||
6 | EXTRA_OEMAKE:append:am62xx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1" | 6 | EXTRA_OEMAKE:append:am62xx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1" |
7 | EXTRA_OEMAKE:append:am62axx = " CFG_TEE_CORE_LOG_LEVEL=1" | 7 | EXTRA_OEMAKE:append:am62axx = " CFG_TEE_CORE_LOG_LEVEL=1" |
8 | 8 | ||
9 | do_compile:append:k3() { | ||
10 | cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin | ||
11 | cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin.unsigned | ||
12 | cp ${B}/core/tee.elf ${B}/bl32.elf | ||
13 | } | ||
14 | |||
9 | # Signing procedure for legacy HS devices | 15 | # Signing procedure for legacy HS devices |
10 | optee_sign_legacyhs() { | 16 | optee_sign_legacyhs() { |
11 | ( cd ${B}/core/; \ | 17 | ( cd ${B}/core/; \ |
@@ -34,12 +40,48 @@ do_compile:append:dra7xx() { | |||
34 | } | 40 | } |
35 | 41 | ||
36 | # Signing procedure for K3 devices | 42 | # Signing procedure for K3 devices |
37 | do_compile:append:k3() { | 43 | optee_sign_k3hs() { |
38 | ${TI_SECURE_DEV_PKG}/scripts/secure-binary-image.sh ${B}/core/tee-pager_v2.bin ${B}/bl32.bin | 44 | ${TI_SECURE_DEV_PKG}/scripts/secure-binary-image.sh ${B}/core/tee-pager_v2.bin ${B}/bl32.bin |
39 | cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin.unsigned | 45 | cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin.unsigned |
40 | cp ${B}/core/tee.elf ${B}/bl32.elf | 46 | cp ${B}/core/tee.elf ${B}/bl32.elf |
41 | } | 47 | } |
42 | 48 | ||
49 | do_compile:append:am65xx-hs-evm() { | ||
50 | optee_sign_k3hs | ||
51 | } | ||
52 | |||
53 | do_compile:append:am64xx-evm() { | ||
54 | optee_sign_k3hs | ||
55 | } | ||
56 | |||
57 | do_compile:append:am62xx-evm() { | ||
58 | optee_sign_k3hs | ||
59 | } | ||
60 | |||
61 | do_compile:append:am62xx-lp-evm() { | ||
62 | optee_sign_k3hs | ||
63 | } | ||
64 | |||
65 | do_compile:append:am62axx-evm() { | ||
66 | optee_sign_k3hs | ||
67 | } | ||
68 | |||
69 | do_compile:append:j721e-hs-evm() { | ||
70 | optee_sign_k3hs | ||
71 | } | ||
72 | |||
73 | do_compile:append:j7200-hs-evm() { | ||
74 | optee_sign_k3hs | ||
75 | } | ||
76 | |||
77 | do_compile:append:j721s2-hs-evm() { | ||
78 | optee_sign_k3hs | ||
79 | } | ||
80 | |||
81 | do_compile:append:j784s4-hs-evm() { | ||
82 | optee_sign_k3hs | ||
83 | } | ||
84 | |||
43 | do_install:append:ti-soc() { | 85 | do_install:append:ti-soc() { |
44 | install -m 644 ${B}/*.optee ${D}${nonarch_base_libdir}/firmware/ || true | 86 | install -m 644 ${B}/*.optee ${D}${nonarch_base_libdir}/firmware/ || true |
45 | install -m 644 ${B}/bl32.bin ${D}${nonarch_base_libdir}/firmware/ || true | 87 | install -m 644 ${B}/bl32.bin ${D}${nonarch_base_libdir}/firmware/ || true |