diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-client.imx.inc b/meta-digi-arm/recipes-security/optee-imx/optee-client.imx.inc deleted file mode 100644 index f9d3b95cb..000000000 --- a/meta-digi-arm/recipes-security/optee-imx/optee-client.imx.inc +++ /dev/null @@ -1,3 +0,0 @@ -# Copyright (C) 2019-2020 NXP - -require recipes-security/optee-imx/optee-client_3.7.0.imx.bb diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-client_%.imx.bbappend b/meta-digi-arm/recipes-security/optee-imx/optee-client_%.imx.bbappend new file mode 100644 index 000000000..41309fe0d --- /dev/null +++ b/meta-digi-arm/recipes-security/optee-imx/optee-client_%.imx.bbappend @@ -0,0 +1,3 @@ +inherit features_check + +REQUIRED_MACHINE_FEATURES = "optee" diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-client_3.10.0.imx.bb b/meta-digi-arm/recipes-security/optee-imx/optee-client_3.10.0.imx.bb deleted file mode 100644 index f8599b455..000000000 --- a/meta-digi-arm/recipes-security/optee-imx/optee-client_3.10.0.imx.bb +++ /dev/null @@ -1,10 +0,0 @@ -# Copyright (C) 2020 NXP -require optee-client.imx.inc - -FILESEXTRAPATHS_prepend := "${THISDIR}/optee-client:" - -OPTEE_CLIENT_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-client.git;protocol=https" -SRC_URI = "${OPTEE_CLIENT_SRC};branch=${SRCBRANCH} \ - file://tee-supplicant.service" -SRCBRANCH = "lf-5.10.y_1.0.0" -SRCREV = "2a77cf88d956c34cb4a1c191bea6113e327f5fe0" diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-client_3.15.0.imx.bb b/meta-digi-arm/recipes-security/optee-imx/optee-client_3.15.0.imx.bb new file mode 100644 index 000000000..37f7882ae --- /dev/null +++ b/meta-digi-arm/recipes-security/optee-imx/optee-client_3.15.0.imx.bb @@ -0,0 +1,58 @@ +# Copyright (C) 2017-2021 NXP + +SUMMARY = "OPTEE Client libs" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b" + +SRCBRANCH = "lf-5.10.72_2.2.0" +OPTEE_CLIENT_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-client.git;protocol=https" +SRC_URI = " \ + ${OPTEE_CLIENT_SRC};branch=${SRCBRANCH} \ + file://tee-supplicant.service \ +" +SRCREV = "182874320395787a389e5b0f7df02b32f3c0a1b0" + +S = "${WORKDIR}/git" +B = "${WORKDIR}/build" + +inherit python3native systemd features_check + +REQUIRED_MACHINE_FEATURES = "optee" + +SYSTEMD_SERVICE_${PN} = "tee-supplicant.service" + +OPTEE_ARCH ?= "arm32" +OPTEE_ARCH_armv7a = "arm32" +OPTEE_ARCH_aarch64 = "arm64" + +EXTRA_OEMAKE = "ARCH=${OPTEE_ARCH} -C ${S} O=${B}" + +do_install () { + oe_runmake install + + install -D -p -m0644 ${B}/export/usr/lib/libteec.so.1.0.0 ${D}${libdir}/libteec.so.1.0.0 + ln -sf libteec.so.1.0.0 ${D}${libdir}/libteec.so.1 + ln -sf libteec.so.1.0.0 ${D}${libdir}/libteec.so + + install -D -p -m0644 ${B}/export/usr/lib/libckteec.so.0.1.0 ${D}${libdir}/libckteec.so.0.1.0 + ln -sf libckteec.so.0.1.0 ${D}${libdir}/libckteec.so.0 + ln -sf libckteec.so.0.1.0 ${D}${libdir}/libckteec.so + + install -D -p -m0755 ${B}/export/usr/sbin/tee-supplicant ${D}${bindir}/tee-supplicant + + cp -a ${B}/export/usr/include ${D}${includedir} + + sed -i -e s:/etc:${sysconfdir}:g -e s:/usr/bin:${bindir}:g ${WORKDIR}/tee-supplicant.service + install -D -p -m0644 ${WORKDIR}/tee-supplicant.service ${D}${systemd_system_unitdir}/tee-supplicant.service +} + +PACKAGES += "tee-supplicant" +FILES_${PN} += "${libdir}/* ${includedir}/*" +FILES_tee-supplicant += "${bindir}/tee-supplicant" + +INSANE_SKIP_${PN} = "ldflags dev-elf" +INSANE_SKIP_${PN}-dev = "ldflags dev-elf" +INSANE_SKIP_tee-supplicant = "ldflags" + +COMPATIBLE_MACHINE = "(mx6|mx7|mx8)" diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-os.imx.inc b/meta-digi-arm/recipes-security/optee-imx/optee-os.imx.inc deleted file mode 100644 index 22b355b3d..000000000 --- a/meta-digi-arm/recipes-security/optee-imx/optee-os.imx.inc +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright (C) 2019-2020 NXP - -require recipes-security/optee-imx/optee-os_3.7.0.imx.bb - -LIC_FILES_CHKSUM = "file://LICENSE;md5=c1f21c4f72f372ef38a5a4aee55ec173" - -SRC_URI_remove = " \ - file://0001-optee-os-fix-gcc10-compilation-issue-and-missing-cc-.patch" - -OPTEE_CORE_LOG_LEVEL ?= "1" -OPTEE_TA_LOG_LEVEL ?= "0" - -PLATFORM_FLAVOR_mx8mnlite = "mx8mnevk" - -EXTRA_OEMAKE_remove = "NOWERROR=1 \ - " - -EXTRA_OEMAKE += "CFG_WERROR=y \ - CFG_TEE_CORE_LOG_LEVEL=${OPTEE_CORE_LOG_LEVEL} \ - CFG_TEE_TA_LOG_LEVEL=${OPTEE_TA_LOG_LEVEL} \ - " - -do_compile () { - unset LDFLAGS - export CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_HOST}" - oe_runmake -C ${S} all -} - diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-os_%.imx.bbappend b/meta-digi-arm/recipes-security/optee-imx/optee-os_%.imx.bbappend new file mode 100644 index 000000000..41309fe0d --- /dev/null +++ b/meta-digi-arm/recipes-security/optee-imx/optee-os_%.imx.bbappend @@ -0,0 +1,3 @@ +inherit features_check + +REQUIRED_MACHINE_FEATURES = "optee" diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-os_3.10.0.imx.bb b/meta-digi-arm/recipes-security/optee-imx/optee-os_3.10.0.imx.bb deleted file mode 100644 index 4f71b63a3..000000000 --- a/meta-digi-arm/recipes-security/optee-imx/optee-os_3.10.0.imx.bb +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright (C) 2020 NXP -require optee-os.imx.inc - -DEPENDS_append = " python3-pycryptodomex-native" - -OPTEE_OS_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-os.git;protocol=https" -SRC_URI = "${OPTEE_OS_SRC};branch=${SRCBRANCH}" - -SRCBRANCH = "lf-5.10.y_1.0.0" -SRCREV = "87956c343f6a1a24dfe57e7d5c77dfc10b45148c" - -# tee-init_load_addr.txt has been remove in lates optee-os version. -# to keep backward compatibility with existing optee-os recipe. -do_compile_append () { - if [ "${OPTEE_ARCH}" != "arm64" ]; then - IMX_LOAD_ADDR=`${TARGET_PREFIX}readelf -h ${B}/core/tee.elf | grep "Entry point address" | awk '{print $4}'` && \ - echo ${IMX_LOAD_ADDR} > ${B}/core/tee-init_load_addr.txt - fi -} diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-os_3.15.0.imx.bb b/meta-digi-arm/recipes-security/optee-imx/optee-os_3.15.0.imx.bb new file mode 100644 index 000000000..12a09244d --- /dev/null +++ b/meta-digi-arm/recipes-security/optee-imx/optee-os_3.15.0.imx.bb @@ -0,0 +1,102 @@ +# Copyright (C) 2017-2021 NXP + +SUMMARY = "OPTEE OS" +DESCRIPTION = "OPTEE OS" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=c1f21c4f72f372ef38a5a4aee55ec173" + +DEPENDS = "python3-pycryptodomex-native python3-pyelftools-native u-boot-mkimage-native" + +SRCBRANCH = "lf-5.10.72_2.2.0" +OPTEE_OS_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-os.git;protocol=https" +SRC_URI = "${OPTEE_OS_SRC};branch=${SRCBRANCH}" +SRCREV = "c939619d64dea014ad1b8382356eee4d1cbfbb22" + +S = "${WORKDIR}/git" + +inherit deploy python3native autotools features_check + +REQUIRED_MACHINE_FEATURES = "optee" + +# The platform flavor corresponds to the Yocto machine without the leading 'i'. +PLATFORM_FLAVOR = "${@d.getVar('MACHINE')[1:]}" +PLATFORM_FLAVOR_imx6qpdlsolox = "mx6qsabresd" +PLATFORM_FLAVOR_imx6ul7d = "mx6ulevk" +PLATFORM_FLAVOR_imx6ull14x14evk = "mx6ullevk" +PLATFORM_FLAVOR_imx6ull9x9evk = "mx6ullevk" +PLATFORM_FLAVOR_imx6ulz-14x14-evk = "mx6ulzevk" +PLATFORM_FLAVOR_mx8mq = "mx8mqevk" +PLATFORM_FLAVOR_mx8mm = "mx8mmevk" +PLATFORM_FLAVOR_mx8mn = "mx8mnevk" +PLATFORM_FLAVOR_mx8mp = "mx8mpevk" +PLATFORM_FLAVOR_mx8mpul = "mx8mpevk" +PLATFORM_FLAVOR_mx8qm = "mx8qmmek" +PLATFORM_FLAVOR_mx8qxp = "mx8qxpmek" +PLATFORM_FLAVOR_mx8dx = "mx8dxmek" +PLATFORM_FLAVOR_mx8dxl = "mx8dxlevk" +PLATFORM_FLAVOR_mx8mnul = "mx8mnevk" +PLATFORM_FLAVOR_mx8ulp = "mx8ulpevk" + +OPTEE_ARCH ?= "arm32" +OPTEE_ARCH_armv7a = "arm32" +OPTEE_ARCH_aarch64 = "arm64" + +# Optee-os can be built for 32 bits and 64 bits at the same time +# as long as the compilers are correctly defined. +# For 64bits, CROSS_COMPILE64 must be set +# When defining CROSS_COMPILE and CROSS_COMPILE64, we assure that +# any 32 or 64 bits builds will pass +EXTRA_OEMAKE = " \ + PLATFORM=imx \ + PLATFORM_FLAVOR=${PLATFORM_FLAVOR} \ + CROSS_COMPILE=${HOST_PREFIX} \ + CROSS_COMPILE64=${HOST_PREFIX} \ + CFG_TEE_TA_LOG_LEVEL=0 \ + CFG_TEE_CORE_LOG_LEVEL=0 \ + -C ${S} O=${B}\ +" + +LDFLAGS = "" +CFLAGS += "--sysroot=${STAGING_DIR_HOST}" +CXXFLAGS += "--sysroot=${STAGING_DIR_HOST}" + +do_deploy () { + install -d ${DEPLOYDIR} + cp ${B}/core/tee-raw.bin ${DEPLOYDIR}/tee.${PLATFORM_FLAVOR}.bin + ln -sf tee.${PLATFORM_FLAVOR}.bin ${DEPLOYDIR}/tee.bin + + if [ "${OPTEE_ARCH}" != "arm64" ]; then + IMX_LOAD_ADDR=`${TARGET_PREFIX}readelf -h ${B}/core/tee.elf | grep "Entry point address" | awk '{print $4}'` + uboot-mkimage -A arm -O linux -C none -a ${IMX_LOAD_ADDR} -e ${IMX_LOAD_ADDR} \ + -d ${DEPLOYDIR}/tee.${PLATFORM_FLAVOR}.bin ${DEPLOYDIR}/uTee-${OPTEE_BIN_EXT} + fi +} + +do_install () { + install -d ${D}${nonarch_base_libdir}/firmware/ + install -m 644 ${B}/core/*.bin ${D}${nonarch_base_libdir}/firmware/ + + # Install the TA devkit + install -d ${D}${includedir}/optee/export-user_ta_${OPTEE_ARCH}/ + + for f in ${B}/export-ta_${OPTEE_ARCH}/*; do + cp -aR $f ${D}${includedir}/optee/export-user_ta_${OPTEE_ARCH}/ + done + + # Install embedded TAs + install -d ${D}${base_libdir}/optee_armtz + find ${B}/ta -name '*.ta' | while read name; do + install -m 444 $name ${D}${base_libdir}/optee_armtz/ + done +} + +addtask deploy after do_compile before do_install + + +FILES_${PN} = "${nonarch_base_libdir}/firmware/ /lib*/optee_armtz/" +FILES_${PN}-staticdev = "/usr/include/optee/" +RDEPENDS_${PN}-dev += "${PN}-staticdev" + +PACKAGE_ARCH = "${MACHINE_ARCH}" +COMPATIBLE_MACHINE = "(imx|imx-boot-container)" diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-test/0001-fix-build-failure-with-GCC-9.patch b/meta-digi-arm/recipes-security/optee-imx/optee-test/0001-fix-build-failure-with-GCC-9.patch deleted file mode 100644 index 9b9127777..000000000 --- a/meta-digi-arm/recipes-security/optee-imx/optee-test/0001-fix-build-failure-with-GCC-9.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 79330c8383e02e91a355964a3cc7b932d03c2517 Mon Sep 17 00:00:00 2001 -From: Chunrong Guo -Date: Wed, 10 Jul 2019 11:09:01 +0200 -Subject: [PATCH] fix build failure with GCC 9 - -Upstream-Status: Inappropriate [embedded specific] - -Signed-off-by: C.r. Guo ---- - host/xtest/Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/host/xtest/Makefile b/host/xtest/Makefile -index e4e2881..e86e056 100644 ---- a/host/xtest/Makefile -+++ b/host/xtest/Makefile -@@ -152,7 +152,7 @@ CFLAGS += -Wall -Wcast-align -Werror \ - -Wmissing-include-dirs -Wmissing-noreturn \ - -Wmissing-prototypes -Wnested-externs -Wpointer-arith \ - -Wshadow -Wstrict-prototypes -Wswitch-default \ -- -Wwrite-strings \ -+ -Wwrite-strings -Wno-format-overflow \ - -Wno-missing-field-initializers -Wno-format-zero-length - endif - --- -2.7.4 - diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-test_3.10.0.imx.bb b/meta-digi-arm/recipes-security/optee-imx/optee-test_3.10.0.imx.bb deleted file mode 100644 index a6bd360fa..000000000 --- a/meta-digi-arm/recipes-security/optee-imx/optee-test_3.10.0.imx.bb +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright (C) 2020 NXP -require optee-test.imx.inc - -DEPENDS_append = " python3-pycryptodomex-native" - -OPTEE_TEST_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-test.git;protocol=https" -SRC_URI = "${OPTEE_TEST_SRC};branch=${SRCBRANCH}" - -SRCBRANCH = "lf-5.10.y_1.0.0" -SRCREV = "0c998f42a3fb87b9f2929955cf4b0116cc515091" - -do_compile_prepend () { - export CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_HOST}" -} diff --git a/meta-digi-arm/recipes-security/optee-imx/optee-test.imx.inc b/meta-digi-arm/recipes-security/optee-imx/optee-test_3.15.0.imx.bb similarity index 56% rename from meta-digi-arm/recipes-security/optee-imx/optee-test.imx.inc rename to meta-digi-arm/recipes-security/optee-imx/optee-test_3.15.0.imx.bb index ac504bb35..ebd855d71 100644 --- a/meta-digi-arm/recipes-security/optee-imx/optee-test.imx.inc +++ b/meta-digi-arm/recipes-security/optee-imx/optee-test_3.15.0.imx.bb @@ -1,4 +1,4 @@ -# Copyright (C) 2020 NXP +# Copyright (C) 2017-2021 NXP SUMMARY = "OPTEE test" HOMEPAGE = "http://www.optee.org/" @@ -6,21 +6,30 @@ HOMEPAGE = "http://www.optee.org/" LICENSE = "BSD" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=daa2bcccc666345ab8940aab1315a4fa" -DEPENDS = "optee-os optee-client python3-pycrypto-native openssl" -inherit python3native cmake +DEPENDS = "python3-pycrypto-native python3-pycryptodomex-native optee-os optee-client openssl" -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" +SRCBRANCH = "lf-5.10.72_2.2.0" + +OPTEE_TEST_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-test.git;protocol=https" +SRC_URI = "${OPTEE_TEST_SRC};branch=${SRCBRANCH}" S = "${WORKDIR}/git" B = "${WORKDIR}/build" -OPTEE_ARCH ?= "arm" +SRCREV = "4d81b964a72e89a62d04187b3f055d8346b383c9" + +inherit python3native + +OPTEE_ARCH ?= "arm32" OPTEE_ARCH_armv7a = "arm32" OPTEE_ARCH_aarch64 = "arm64" TA_DEV_KIT_DIR_arm = "${STAGING_INCDIR}/optee/export-user_ta_arm32/" TA_DEV_KIT_DIR_aarch64 = "${STAGING_INCDIR}/optee/export-user_ta_arm64/" +CFLAGS += "--sysroot=${STAGING_DIR_HOST}" +CXXFLAGS += "--sysroot=${STAGING_DIR_HOST}" + EXTRA_OEMAKE = " \ TA_DEV_KIT_DIR=${TA_DEV_KIT_DIR} \ ARCH=${OPTEE_ARCH} \ @@ -32,13 +41,10 @@ EXTRA_OEMAKE = " \ -C ${S} O=${B} \ " -EXTRA_OECMAKE = " \ - -DOPTEE_TEST_SDK=${TA_DEV_KIT_DIR} \ -" -do_compile () { - export CXXFLAGS="${CXXFLAGS} --sysroot=${STAGING_DIR_HOST}" - oe_runmake V=1 +do_compile() { + oe_runmake all } +do_compile[cleandirs] = "${B}" do_install () { install -d ${D}/usr/bin @@ -48,8 +54,11 @@ do_install () { find ${B}/ta -name '*.ta' | while read name; do install -m 444 $name ${D}/lib/optee_armtz/ done + + install -d ${D}/usr/lib/tee-supplicant/plugins/ + install ${B}/supp_plugin/*plugin ${D}/usr/lib/tee-supplicant/plugins/ } -FILES_${PN} = "/usr/bin/ /lib*/optee_armtz/" +FILES_${PN} = "/usr/bin/ /lib*/optee_armtz/ /usr/lib/tee-supplicant/plugins/" COMPATIBLE_MACHINE = "(mx6|mx7|mx8)"