diff --git a/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-client.imx.inc b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-client.imx.inc new file mode 100644 index 000000000..7b6de718b --- /dev/null +++ b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-client.imx.inc @@ -0,0 +1,40 @@ +# Copyright (C) 2017-2022 NXP + +SUMMARY = "OPTEE Client libs" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b" + +OPTEE_CLIENT_SRC ?= "git://github.com/nxp-imx/imx-optee-client.git;protocol=https" +SRC_URI = " \ + ${OPTEE_CLIENT_SRC};branch=${SRCBRANCH} \ + file://tee-supplicant.service \ +" + +FILESEXTRAPATHS:append := ":${THISDIR}/optee-client" + +S = "${WORKDIR}/git" +B = "${WORKDIR}/build" + +inherit python3native systemd features_check pkgconfig + +DEPENDS = "util-linux-libuuid" + +REQUIRED_MACHINE_FEATURES = "optee" + +SYSTEMD_SERVICE:${PN} = "tee-supplicant.service" + +EXTRA_OEMAKE = " \ + -C ${S} O=${B} \ +" + +do_install () { + oe_runmake install DESTDIR=${D} + install -D -p -m0644 ${WORKDIR}/tee-supplicant.service ${D}${systemd_system_unitdir}/tee-supplicant.service + sed -i \ + -e s:/etc:${sysconfdir}:g \ + -e s:/usr/sbin:${sbindir}:g \ + ${D}${systemd_system_unitdir}/tee-supplicant.service +} + +COMPATIBLE_MACHINE = "(imx-nxp-bsp)" diff --git a/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-client/tee-supplicant.service b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-client/tee-supplicant.service new file mode 100644 index 000000000..ffb54d390 --- /dev/null +++ b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-client/tee-supplicant.service @@ -0,0 +1,10 @@ +[Unit] +Description=TEE Supplicant + +[Service] +User=root +EnvironmentFile=-/etc/default/tee-supplicant +ExecStart=/usr/sbin/tee-supplicant $OPTARGS + +[Install] +WantedBy=basic.target diff --git a/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-client_3.19.0.imx.bb b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-client_3.19.0.imx.bb new file mode 100644 index 000000000..035a1768b --- /dev/null +++ b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-client_3.19.0.imx.bb @@ -0,0 +1,5 @@ +# Copyright (C) 2022 NXP +require optee-client.imx.inc + +SRCBRANCH = "lf-5.15.71_2.2.0" +SRCREV = "644022f8970c832a40be00747fcec70c7b5d488c" diff --git a/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-os.imx.inc b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-os.imx.inc new file mode 100644 index 000000000..8fd925a9d --- /dev/null +++ b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-os.imx.inc @@ -0,0 +1,100 @@ +# Copyright (C) 2017-2022 NXP + +SUMMARY = "OPTEE OS" +DESCRIPTION = "OPTEE OS" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=c1f21c4f72f372ef38a5a4aee55ec173" + +DEPENDS = "python3-pyelftools-native u-boot-mkimage-native \ + python3-cryptography-native" + +OPTEE_OS_SRC ?= "git://github.com/nxp-imx/imx-optee-os.git;protocol=https" +SRC_URI = "${OPTEE_OS_SRC};branch=${SRCBRANCH}" + +S = "${WORKDIR}/git" +B = "${WORKDIR}/build" + +inherit deploy python3native autotools features_check + +REQUIRED_MACHINE_FEATURES = "optee" + +# The platform flavor corresponds to the Yocto machine without the leading 'i'. +PLATFORM_FLAVOR = "${@d.getVar('MACHINE')[1:]}" +PLATFORM_FLAVOR:imx6qpdlsolox = "mx6qsabresd" +PLATFORM_FLAVOR:mx6ul-nxp-bsp = "mx6ulevk" +PLATFORM_FLAVOR:mx6ull-nxp-bsp = "mx6ullevk" +PLATFORM_FLAVOR:mx6ulz-nxp-bsp = "mx6ulzevk" +PLATFORM_FLAVOR:mx8mq-nxp-bsp = "mx8mqevk" +PLATFORM_FLAVOR:mx8mm-nxp-bsp = "mx8mmevk" +PLATFORM_FLAVOR:mx8mn-nxp-bsp = "mx8mnevk" +PLATFORM_FLAVOR:mx8mp-nxp-bsp = "mx8mpevk" +PLATFORM_FLAVOR:mx8mpul-nxp-bsp = "mx8mpevk" +PLATFORM_FLAVOR:mx8qm-nxp-bsp = "mx8qmmek" +PLATFORM_FLAVOR:mx8qxp-nxp-bsp = "mx8qxpmek" +PLATFORM_FLAVOR:mx8dx-nxp-bsp = "mx8dxmek" +PLATFORM_FLAVOR:mx8dxl-nxp-bsp = "mx8dxlevk" +PLATFORM_FLAVOR:mx8mnul-nxp-bsp = "mx8mnevk" +PLATFORM_FLAVOR:mx8ulp-nxp-bsp = "mx8ulpevk" +PLATFORM_FLAVOR:mx93-nxp-bsp = "mx93evk" + +EXTRA_OEMAKE = " \ + PLATFORM=imx-${PLATFORM_FLAVOR} \ + CROSS_COMPILE=${HOST_PREFIX} \ + CROSS_COMPILE64=${HOST_PREFIX} \ + CFG_TEE_TA_LOG_LEVEL=0 \ + CFG_TEE_CORE_LOG_LEVEL=0 \ + OPENSSL_MODULES=${STAGING_LIBDIR_NATIVE}/ossl-modules \ + -C ${S} O=${B} \ +" + +LDFLAGS[unexport] = "1" +CFLAGS += "--sysroot=${STAGING_DIR_HOST}" +CXXFLAGS += "--sysroot=${STAGING_DIR_HOST}" + +OPTEE_ARCH:arm = "arm32" +OPTEE_ARCH:aarch64 = "arm64" + +do_configure[noexec] = "1" + +do_compile:arm () { + oe_runmake all uTee +} + +do_compile:aarch64 () { + oe_runmake all +} +do_compile[cleandirs] = "${B}" + +do_deploy () { + install -d ${DEPLOYDIR} + cp ${B}/core/tee-raw.bin ${DEPLOYDIR}/tee.${PLATFORM_FLAVOR}.bin + ln -sf tee.${PLATFORM_FLAVOR}.bin ${DEPLOYDIR}/tee.bin +} + +do_deploy:append:arm () { + cp ${B}/core/uTee ${DEPLOYDIR}/uTee-${OPTEE_BIN_EXT} +} + +do_install () { + install -d ${D}${nonarch_base_libdir}/firmware/ + install -m 644 ${B}/core/*.bin ${D}${nonarch_base_libdir}/firmware/ + + # Install embedded TAs + install -d ${D}${nonarch_base_libdir}/optee_armtz/ + install -m 444 ${B}/ta/*/*.ta ${D}${nonarch_base_libdir}/optee_armtz/ + + # Install TA devkit + install -d ${D}${includedir}/optee/export-user_ta_${OPTEE_ARCH}/ + cp -aR ${B}/export-ta_${OPTEE_ARCH}/* \ + ${D}${includedir}/optee/export-user_ta_${OPTEE_ARCH}/ +} + +addtask deploy after do_compile before do_install + +FILES:${PN} = "${nonarch_base_libdir}/firmware/ ${nonarch_base_libdir}/optee_armtz/" +FILES:${PN}-staticdev = "${includedir}/optee/" +RDEPENDS:${PN}-dev += "${PN}-staticdev" + +PACKAGE_ARCH = "${MACHINE_ARCH}" +COMPATIBLE_MACHINE = "(imx-nxp-bsp)" diff --git a/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-os_3.19.0.imx.bb b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-os_3.19.0.imx.bb new file mode 100644 index 000000000..78ba6b9c4 --- /dev/null +++ b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-os_3.19.0.imx.bb @@ -0,0 +1,5 @@ +# Copyright (C) 2022 NXP +require optee-os.imx.inc + +SRCBRANCH = "lf-5.15.71_2.2.0" +SRCREV = "00919403f040fad4f8603e605932281ff8451b1d" diff --git a/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-test.imx.inc b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-test.imx.inc new file mode 100644 index 000000000..4383fa2c3 --- /dev/null +++ b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-test.imx.inc @@ -0,0 +1,51 @@ +# Copyright (C) 2017-2022 NXP + +SUMMARY = "OPTEE test" +HOMEPAGE = "http://www.optee.org/" + +LICENSE = "BSD-2-Clause & GPL-2.0-only" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=daa2bcccc666345ab8940aab1315a4fa" + +DEPENDS = "python3-cryptography-native optee-os optee-client openssl" + +OPTEE_TEST_SRC ?= "git://github.com/nxp-imx/imx-optee-test.git;protocol=https" +SRC_URI = "${OPTEE_TEST_SRC};branch=${SRCBRANCH}" + +S = "${WORKDIR}/git" +B = "${WORKDIR}/build" + + +inherit python3native features_check + +REQUIRED_MACHINE_FEATURES = "optee" + +OPTEE_ARCH:arm = "arm32" +OPTEE_ARCH:aarch64 = "arm64" + +CFLAGS += "--sysroot=${STAGING_DIR_HOST}" +CXXFLAGS += "--sysroot=${STAGING_DIR_HOST}" + +EXTRA_OEMAKE = " \ + TA_DEV_KIT_DIR=${STAGING_INCDIR}/optee/export-user_ta_${OPTEE_ARCH}/ \ + OPTEE_CLIENT_EXPORT=${STAGING_DIR_HOST}${exec_prefix} \ + CROSS_COMPILE_HOST=${HOST_PREFIX} \ + CROSS_COMPILE_TA=${HOST_PREFIX} \ + CROSS_COMPILE=${HOST_PREFIX} \ + OPENSSL_MODULES=${STAGING_LIBDIR_NATIVE}/ossl-modules \ + -C ${S} O=${B} \ +" + +do_compile() { + oe_runmake all +} +do_compile[cleandirs] = "${B}" + +do_install () { + oe_runmake install DESTDIR=${D} +} + +FILES:${PN} += "${nonarch_base_libdir}/optee_armtz/ ${libdir}/tee-supplicant/plugins/" + +RDEPENDS:${PN} = "optee-os" + +COMPATIBLE_MACHINE = "(imx-nxp-bsp)" diff --git a/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-test_3.19.0.imx.bb b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-test_3.19.0.imx.bb new file mode 100644 index 000000000..f5b088a9f --- /dev/null +++ b/meta-digi-arm/dynamic-layers/freescale-layer/recipes-security/optee-imx/optee-test_3.19.0.imx.bb @@ -0,0 +1,5 @@ +# Copyright (C) 2022 NXP +require optee-test.imx.inc + +SRCBRANCH = "lf-5.15.71_2.2.0" +SRCREV = "5c1dbb531b304f7ae100958f6261b6cefea49b62"