path: root/meta-ti-bsp/recipes-security
Commit message | Author | Age | Files | Lines
* optee-os: Install OP-TEE OS provided TAs | Andrew Davis | 2023-09-29 | 1 | -0/+6
  OP-TEE OS provides a handful of TAs itself. While these are often meant to be built-in, when they are not we should deploy them as part of the OP-TEE OS package so they can be loaded at runtime.
  Signed-off-by: Andrew Davis <afd@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee: local fix for stray CFG_MAP_EXT_DT_SECURE=y in meta-arm | Denys Dmytriyenko | 2023-06-14 | 3 | -0/+7
  Latest update in meta-arm added unconditional CFG_MAP_EXT_DT_SECURE=y that affects all platforms, but was only needed for qemu. And it also depends on CFG_DT=y, which is platform-specific. The fix was submitted upstream[0], overlay it locally until upstream resolves it.
  [0] https://patchwork.yoctoproject.org/project/arm/patch/20230613181723.1711212-1-denis@denix.org/
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Do not sign OPTEE OS image for K3 | Andrew Davis | 2023-06-07 | 1 | -46/+0
  U-Boot with binman will do the signing as these images are packaged. Remove signing steps here.
  Signed-off-by: Andrew Davis <afd@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee: couple minor changes to match with kirkstone | Denys Dmytriyenko | 2023-05-23 | 2 | -2/+2
  Minor changes to match with Kirkstone for consistency.
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: only activate customizations for TI platforms | Denys Dmytriyenko | 2023-05-11 | 2 | -113/+117
  Avoid inheriting ti-secdev class and adding unconditional dependency on TI_SECURE_DEV_PKG and other variables, when meta-ti-bsp is in the bblayers.conf stack, but not building for TI platforms. This solves yocto-check-layer signature test for Yocto Project compliance.
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee: remove bbappends with version bumps | Denys Dmytriyenko | 2023-04-11 | 4 | -35/+0
  meta-arm now has all optee components updated to the latest 3.20 version
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Only sign files for platforms that support it | Ryan Eatmon | 2023-03-31 | 1 | -1/+43
  We are seeing some testing issues where the new code that signs all of the files at all times is causing issues. So rollback the logic and only sign for platforms that support it.
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os-tadevkit: update to match optee-os | Denys Dmytriyenko | 2023-03-21 | 1 | -0/+24
  This installs shared OPTEE-OS APIs and needs to match in order for latest client/test/examples to be able to build.
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee: update optee components to 3.20 tag | Manorit Chawdhry | 2023-03-21 | 1 | -0/+7
  OPTEE tests is not being upgraded due to a newer python dependency for the build
  Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Enable SW PRNG for OP-TEE in AM62X | Dhruva Gole | 2023-03-21 | 1 | -1/+1
  commit 98506a4a07363 ("optee-os: Update SRCREV for OP-TEE TRNG in AM62X") Disables SW PRNG => Enabling Hardware RNG. This is breaking Suspend Resume on AM62xx EVM variants. To fix this keep using SOFTWARE_PRNG enabled as it was.
  Cc: vibhore@ti.com
  Cc: Andrew Davis <afd@ti.com>
  Signed-off-by: Dhruva Gole <d-gole@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* hs: Deploy the unsigned versions of bl31 and bl32 | Ryan Eatmon | 2023-03-21 | 1 | -7/+3
  In addition to releasing the signed versions of the bl31.bin and bl32.bin files, also release the unsigned original versions.
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Lower log level for am62axx | Praneeth Bajjuri | 2023-03-21 | 1 | -0/+1
  Lower the log level for am62axx platform
  commit 27641e1f2d7f ("optee-os: Lower log level for AM62x") changes the log level for am62xx platforms. This patch is to extend the same for am62axx
  Signed-off-by: Praneeth Bajjuri <praneeth@ti.com>
  Reported-by: Sai Sree Kartheek Adivi <s-adivi@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee: update optee-test, optee-examples to 3.19 tag | Manorit Chawdhry | 2023-03-21 | 2 | -0/+4
  optee-os is already at 3.20 tag but the others were still outdated. Updates other optee components to 3.19 tag
  Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Revert to lower log level for AM62x | Kamlesh Gurudasani | 2023-03-21 | 1 | -0/+2
  While removing SOFTWARE_PRNG support commit:98506a4a07363a1b57012ccfaee263f47e5b46c4, accidentally removed the changes applied by commit:27641e1f2d7f6696fd7bbd8f24fcac20766b6234 (optee-os: Lower log level for AM62x). Reverting those changes back
  Signed-off-by: Kamlesh Gurudasani <kamlesh@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Enable OP-TEE TRNG in AM62X | Kamlesh Gurudasani | 2023-03-21 | 1 | -2/+0
  Enable trng support as trng support is added now in OP-TEE
  Signed-off-by: Kamlesh Gurudasani <kamlesh@ti.com>
  Signed-off-by: Jayesh Choudhary <j-choudhary@ti.com>
  Acked-by: Andrew Davis <afd@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Use new ti-secdev class to sign the images | Andrew Davis | 2023-03-01 | 1 | -36/+7
  Use the new ti-k3-secdev package to pull in the signing tools if they are not provided by the environment. This allows us to use these tools unconditionally. Remove the checks for the script and do the signing for all K3 machines. The signature is automatically stripped from the binaries on non-HS devices at boot time as needed so this change is harmless for GP devices.
  Signed-off-by: Andrew Davis <afd@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: sync up with upstream meta-arm update | Denys Dmytriyenko | 2023-01-24 | 1 | -9/+0
  Upstream meta-arm has updated optee-os to 3.19 and our local changes conflict with that. Update bbappend to match upstream.
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee: drop 3.17 versions | Denys Dmytriyenko | 2022-12-01 | 4 | -9/+0
  These bbappends were bumping versions to 3.17 when upstream only provided 3.16 version. Now that upstream meta-arm provides 3.18 versions, there's no need for the bbappends, especially since they break in do_install.
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Remove 3.18 patches from our 3.19 recipe | Ryan Eatmon | 2022-11-23 | 1 | -0/+6
  These patches are from upstream against v3.18, but we moved to v3.19 and the patches are now invalid. These can be removed once upstream moves up to or beyond v3.19.
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Upgrade to upstream 3.19.0 | Praneeth Bajjuri | 2022-11-23 | 1 | -2/+2
  Update to the latest upstream master which is 3.19.0.
  Signed-off-by: Praneeth Bajjuri <praneeth@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Enable TRNG driver as OP-TEE support is added | Jayesh Choudhary | 2022-11-23 | 1 | -1/+0
  OP-TEE upstream now has support for sa3ul for j721s2 platform. Re-enable the trng driver which was disabled earlier.
  Signed-off-by: Jayesh Choudhary <j-choudhary@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Update SRCREV for OP-TEE TRNG in J784S4 | Jayesh Choudhary | 2022-11-23 | 1 | -1/+1
  Update the SRCREV to the commit when sa3ul support was added in upstream OP-TEE for J784S4 platform to access rng.
  Signed-off-by: Jayesh Choudhary <j-choudhary@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Lower log level for AM62x | Andrew Davis | 2022-11-23 | 1 | -1/+1
  During resume from low power mode suspend OP-TEE prints some messages on the UART. It seems this UART is not powered at this point in the sequence breaking suspend/resume. We should track down the exact prints and quiet them. Until we get that fix upstream, let's lower the log level for this platform to unblock the LPM work.
  Signed-off-by: Andrew Davis <afd@ti.com>
  Acked-by: Anand Gadiyar <gadiyar@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Upgrade to upstream 3.18.0 | Andrew Davis | 2022-11-23 | 1 | -4/+2
  Update to the latest upstream master which is 3.18.0.
  Signed-off-by: Andrew Davis <afd@ti.com>
  Reviewed-by: Praneeth Bajjuri <praneeth@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* conf: machine: am64xx-evm: Make HS-SE the default | Andrew Davis | 2022-11-23 | 1 | -1/+1
  The HS-SE AM64xx machine can now be run on GP devices and built without needing the TI_SECURE_DEV_PKG for the same. AM64xx will only be available in the HS-FS type going forward. Make the HS-SE the default and remove the original GP machine.
  Signed-off-by: Andrew Davis <afd@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Allow build to continue without TI_SECURE_DEV_PKG set | Andrew Davis | 2022-09-22 | 1 | -1/+6
  Signed-off-by: Andrew Davis <afd@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Use software RNG on AM62x and J721s2 | Andrew Davis | 2022-09-22 | 1 | -0/+3
  The TRNG driver is not currently functional for these two platforms. Disable the TRNG driver until fixed.
  Reported-by: Vignesh Raghavendra <vigneshr@ti.com>
  Signed-off-by: Andrew Davis <afd@ti.com>
  Reviewed-by: Praneeth Bajjuri <praneeth@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee: Upgrade to upstream 3.17.0 | Andrew Davis | 2022-09-22 | 5 | -0/+14
  Update to the latest upstream master which is 3.17. We do this to add HUK and AM64x/AM62x support. With this we need to also switch OPTEEMACHINE for AM64x/AM62x. To build against the latest OP-TEE the support recipes need updated also. Move these here into meta-ti so that builds will still work when not using meta-arago-distro. The fix patches do not look to be needed anymore. While here switch to git checkout with https.
  NOTE: The latest OP-TEE requires SYSFW 8.04+
  Signed-off-by: Andrew Davis <afd@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* j721s2-hs: changes to support new hs platform | Jayesh Choudhary | 2022-09-22 | 1 | -0/+4
  Changes to support new j721s2-hs platform in:
  1) ti-sci-fw_git: Update firmware prefix for j721s2-hs
  2) atf: sign the image
  3) u-boot: Add u-boot-spl image for combined boot image
  4) optee: sign the image
  Signed-off-by: Jayesh Choudhary <j-choudhary@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os, trusted-firmware-a: add leading whitespace when using append override | Denys Dmytriyenko | 2022-05-05 | 1 | -1/+1
  As append override does not add any whitespaces, it could lead to potential issues when two items in space-separated list get concatenated. It is always recommended to add a leading whitespace in such cases, like EXTRA_OEMAKE.
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: fix build with OPTEEPAGER=y | Matthias Schiffer | 2022-05-04 | 1 | -2/+2
  meta-arm commit e03b824d7824 ("arm/optee-os: cleanup recipe") changed the recipe's do_compile(), which broke the build of the am57xx-hs-evm and dra7xx-hs-evm machines. Adjust the .bbappend accordingly.
  Signed-off-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* meta-ti: rename j7-evm to j721e-evm | Andrew Davis | 2022-03-29 | 1 | -1/+1
  In many places we use "j7" the family when we should be using a specific SoC or EVM and vice-versa. For instance when including graphics drivers we add for all "j7" family, but what we really want is only for some specific j7 SoC. First step in untangling this is to make it clear that there is no SoC called j7. There is a SoC called j721e with a j721e-evm. Fix up this naming here.
  Signed-off-by: Andrew Davis <afd@ti.com>
  Tested-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* optee-os: Add support for alternate console | Nishanth Menon | 2022-02-22 | 1 | -0/+2
  Actual systems may choose to use a different console from the default
  Allow the machine configurations to describe the same. Since the option provided is custom to TI K3, make this a k3 product override capability.
  Signed-off-by: Nishanth Menon <nm@ti.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>
* meta-ti: create a sub-layer meta-ti-bsp from existing content | Denys Dmytriyenko | 2022-02-22 | 2 | -0/+92
  Extra sub-layers will be created next and relevant content moved across them.
  Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
  Signed-off-by: Ryan Eatmon <reatmon@ti.com>