From 3c129b81a4d38c7b032f26b9354e686f234cf026 Mon Sep 17 00:00:00 2001 From: Ryan Eatmon Date: Mon, 20 Mar 2023 04:11:59 +0000 Subject: hs: Deploy the unsigned versions of bl31 and bl32 In addition to releasing the signed versions of the bl31.bin and bl32.bin files, also release the unsigned original versions. Signed-off-by: Ryan Eatmon Signed-off-by: Denys Dmytriyenko Signed-off-by: Ryan Eatmon --- .../trusted-firmware-a/trusted-firmware-a_%.bbappend | 12 ++++++++++++ meta-ti-bsp/recipes-security/optee/optee-os_3.16%.bbappend | 10 +++------- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/meta-ti-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend b/meta-ti-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend index be601e62..60f0496c 100644 --- a/meta-ti-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend +++ b/meta-ti-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend @@ -17,3 +17,15 @@ do_compile:append:k3() { mv ${BUILD_DIR}/bl31.bin ${BUILD_DIR}/bl31.bin.unsigned ${TI_SECURE_DEV_PKG}/scripts/secure-binary-image.sh ${BUILD_DIR}/bl31.bin.unsigned ${BUILD_DIR}/bl31.bin } + +do_install:append:k3() { + if [ -f ${BUILD_DIR}/bl31.bin.unsigned ]; then + echo "Install bl31.bin.unsigned" + install -m 0644 ${BUILD_DIR}/bl31.bin.unsigned \ + ${D}/firmware/bl31.bin.unsigned + else + echo "Install bl31.bin.unsigned" + install -m 0644 ${BUILD_DIR}/bl31.bin \ + ${D}/firmware/bl31.bin.unsigned + fi +} diff --git a/meta-ti-bsp/recipes-security/optee/optee-os_3.16%.bbappend b/meta-ti-bsp/recipes-security/optee/optee-os_3.16%.bbappend index 2aa34530..7772c58e 100644 --- a/meta-ti-bsp/recipes-security/optee/optee-os_3.16%.bbappend +++ b/meta-ti-bsp/recipes-security/optee/optee-os_3.16%.bbappend @@ -9,13 +9,6 @@ EXTRA_OEMAKE:append:k3 = "${@ ' CFG_CONSOLE_UART='+ d.getVar('OPTEE_K3_USART') i EXTRA_OEMAKE:append:am62xx = " CFG_TEE_CORE_LOG_LEVEL=1" EXTRA_OEMAKE:append:am62axx = " CFG_TEE_CORE_LOG_LEVEL=1" -do_compile:append:k3() { - ( cd ${B}/core/; \ - cp tee-pager_v2.bin ${B}/bl32.bin; \ - cp tee.elf ${B}/bl32.elf; \ - ) -} - # Signing procedure for legacy HS devices optee_sign_legacyhs() { ( cd ${B}/core/; \ @@ -46,12 +39,14 @@ do_compile:append:dra7xx() { # Signing procedure for K3 devices do_compile:append:k3() { ${TI_SECURE_DEV_PKG}/scripts/secure-binary-image.sh ${B}/core/tee-pager_v2.bin ${B}/bl32.bin + cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin.unsigned cp ${B}/core/tee.elf ${B}/bl32.elf } do_install:append:ti-soc() { install -m 644 ${B}/*.optee ${D}${nonarch_base_libdir}/firmware/ || true install -m 644 ${B}/bl32.bin ${D}${nonarch_base_libdir}/firmware/ || true + install -m 644 ${B}/bl32.bin.unsigned ${D}${nonarch_base_libdir}/firmware/ || true install -m 644 ${B}/bl32.elf ${D}${nonarch_base_libdir}/firmware/ || true } @@ -72,6 +67,7 @@ do_deploy:append:dra7xx() { do_deploy:append:k3() { ln -sf optee/bl32.bin ${DEPLOYDIR}/ + ln -sf optee/bl32.bin.unsigned ${DEPLOYDIR}/ ln -sf optee/bl32.elf ${DEPLOYDIR}/ } -- cgit v1.2.3-54-g00ecf