aboutsummaryrefslogtreecommitdiffstats
path: root/meta-ti-bsp/recipes-security
diff options
context:
space:
mode:
Diffstat (limited to 'meta-ti-bsp/recipes-security')
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-%.bbappend1
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-client-ti-version.inc2
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-client_%.bbappend4
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-examples-ti-version.inc2
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-examples_%.bbappend4
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-os-tadevkit-ti-overrides.inc1
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-os-tadevkit_%.bbappend9
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-os-ti-overrides.inc78
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-os-ti-version.inc2
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend9
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-test-ti-version.inc2
-rw-r--r--meta-ti-bsp/recipes-security/optee/optee-test_%.bbappend4
12 files changed, 118 insertions, 0 deletions
diff --git a/meta-ti-bsp/recipes-security/optee/optee-%.bbappend b/meta-ti-bsp/recipes-security/optee/optee-%.bbappend
new file mode 100644
index 00000000..bc590bfd
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-%.bbappend
@@ -0,0 +1 @@
+COMPATIBLE_MACHINE:ti-soc = "ti-soc"
diff --git a/meta-ti-bsp/recipes-security/optee/optee-client-ti-version.inc b/meta-ti-bsp/recipes-security/optee/optee-client-ti-version.inc
new file mode 100644
index 00000000..22a363f4
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-client-ti-version.inc
@@ -0,0 +1,2 @@
+PV = "4.2.0+git"
+SRCREV = "3eac340a781c00ccd61b151b0e9c22a8c6e9f9f0"
diff --git a/meta-ti-bsp/recipes-security/optee/optee-client_%.bbappend b/meta-ti-bsp/recipes-security/optee/optee-client_%.bbappend
new file mode 100644
index 00000000..f193e78b
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-client_%.bbappend
@@ -0,0 +1,4 @@
+OPTEE_TI_VERSION = ""
+OPTEE_TI_VERSION:ti-soc = "${BPN}-ti-version.inc"
+
+require ${OPTEE_TI_VERSION}
diff --git a/meta-ti-bsp/recipes-security/optee/optee-examples-ti-version.inc b/meta-ti-bsp/recipes-security/optee/optee-examples-ti-version.inc
new file mode 100644
index 00000000..2d7a95bd
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-examples-ti-version.inc
@@ -0,0 +1,2 @@
+PV = "4.2.0+git"
+SRCREV = "378dc0db2d5dd279f58a3b6cb3f78ffd6b165035"
diff --git a/meta-ti-bsp/recipes-security/optee/optee-examples_%.bbappend b/meta-ti-bsp/recipes-security/optee/optee-examples_%.bbappend
new file mode 100644
index 00000000..f193e78b
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-examples_%.bbappend
@@ -0,0 +1,4 @@
+OPTEE_TI_VERSION = ""
+OPTEE_TI_VERSION:ti-soc = "${BPN}-ti-version.inc"
+
+require ${OPTEE_TI_VERSION}
diff --git a/meta-ti-bsp/recipes-security/optee/optee-os-tadevkit-ti-overrides.inc b/meta-ti-bsp/recipes-security/optee/optee-os-tadevkit-ti-overrides.inc
new file mode 100644
index 00000000..df46e243
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-os-tadevkit-ti-overrides.inc
@@ -0,0 +1 @@
+EXTRA_OEMAKE:remove = "CFG_MAP_EXT_DT_SECURE=y"
diff --git a/meta-ti-bsp/recipes-security/optee/optee-os-tadevkit_%.bbappend b/meta-ti-bsp/recipes-security/optee/optee-os-tadevkit_%.bbappend
new file mode 100644
index 00000000..980f7a4b
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-os-tadevkit_%.bbappend
@@ -0,0 +1,9 @@
+OPTEE_TI_VERSION = ""
+OPTEE_TI_VERSION:ti-soc = "optee-os-ti-version.inc"
+
+require ${OPTEE_TI_VERSION}
+
+OPTEE_TI_OVERRIDES = ""
+OPTEE_TI_OVERRIDES:ti-soc = "${BPN}-ti-overrides.inc"
+
+require ${OPTEE_TI_OVERRIDES}
diff --git a/meta-ti-bsp/recipes-security/optee/optee-os-ti-overrides.inc b/meta-ti-bsp/recipes-security/optee/optee-os-ti-overrides.inc
new file mode 100644
index 00000000..0ea30907
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-os-ti-overrides.inc
@@ -0,0 +1,78 @@
+# Use TI SECDEV for signing
+inherit ti-secdev
+
+EXTRA_OEMAKE:remove = "CFG_MAP_EXT_DT_SECURE=y"
+
+EXTRA_OEMAKE:append:k3 = "${@ ' CFG_CONSOLE_UART='+ d.getVar('OPTEE_K3_USART') if d.getVar('OPTEE_K3_USART') else ''}"
+
+EXTRA_OEMAKE:append:am62xx = " CFG_TEE_CORE_LOG_LEVEL=1"
+EXTRA_OEMAKE:append:am62pxx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
+EXTRA_OEMAKE:append:am62axx = " CFG_TEE_CORE_LOG_LEVEL=1"
+EXTRA_OEMAKE:append:j722s = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
+
+do_compile:append:k3() {
+ cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin
+ cp ${B}/core/tee.elf ${B}/bl32.elf
+}
+
+# Signing procedure for legacy HS devices
+optee_sign_legacyhs() {
+ ( cd ${B}/core/; \
+ ${TI_SECURE_DEV_PKG}/scripts/secure-binary-image.sh tee.bin tee.bin.signed; \
+ normfl=`echo ${OPTEEFLAVOR} | tr "_" "-"`
+ mv tee.bin.signed ${B}/$normfl.optee; \
+ )
+
+ if [ "${OPTEEPAGER}" = "y" ]; then
+ oe_runmake -C ${S} clean
+ oe_runmake -C ${S} all CFG_TEE_TA_LOG_LEVEL=0 CFG_WITH_PAGER=y
+ ( cd ${B}/core/; \
+ ${TI_SECURE_DEV_PKG}/scripts/secure-binary-image.sh tee.bin tee.bin.signed; \
+ normfl=`echo ${OPTEEFLAVOR} | tr "_" "-"`
+ mv tee.bin.signed ${B}/$normfl-pager.optee; \
+ )
+ fi
+}
+
+do_compile:append:ti43x() {
+ optee_sign_legacyhs
+}
+
+do_compile:append:dra7xx() {
+ optee_sign_legacyhs
+}
+
+do_install:append() {
+ install -m 644 ${B}/*.optee ${D}${nonarch_base_libdir}/firmware/ || true
+ install -m 644 ${B}/bl32.bin ${D}${nonarch_base_libdir}/firmware/ || true
+ install -m 644 ${B}/bl32.elf ${D}${nonarch_base_libdir}/firmware/ || true
+
+ # Install embedded TAs
+ mkdir -p ${D}${nonarch_base_libdir}/optee_armtz/
+ install -D -p -m0444 ${B}/ta/*/*.ta ${D}${nonarch_base_libdir}/optee_armtz/
+}
+
+optee_deploy_legacyhs() {
+ cd ${DEPLOYDIR}/
+ for f in optee/*.optee; do
+ ln -sf $f ${DEPLOYDIR}/
+ done
+}
+
+do_deploy:append:ti43x() {
+ optee_deploy_legacyhs
+}
+
+do_deploy:append:dra7xx() {
+ optee_deploy_legacyhs
+}
+
+do_deploy:append:k3() {
+ ln -sf optee/bl32.bin ${DEPLOYDIR}/
+ ln -sf optee/bl32.elf ${DEPLOYDIR}/
+}
+
+FILES:${PN} += "${nonarch_base_libdir}/optee_armtz/"
+
+# This is needed for bl32.elf
+INSANE_SKIP:${PN}:append:k3 = " textrel"
diff --git a/meta-ti-bsp/recipes-security/optee/optee-os-ti-version.inc b/meta-ti-bsp/recipes-security/optee/optee-os-ti-version.inc
new file mode 100644
index 00000000..790f5f5f
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-os-ti-version.inc
@@ -0,0 +1,2 @@
+PV = "4.2.0+git"
+SRCREV = "12d7c4ee4642d2d761e39fbcf21a06fb77141dea"
diff --git a/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend b/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend
new file mode 100644
index 00000000..0cee127f
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-os_%.bbappend
@@ -0,0 +1,9 @@
+OPTEE_TI_VERSION = ""
+OPTEE_TI_VERSION:ti-soc = "${BPN}-ti-version.inc"
+
+require ${OPTEE_TI_VERSION}
+
+OPTEE_TI_OVERRIDES = ""
+OPTEE_TI_OVERRIDES:ti-soc = "${BPN}-ti-overrides.inc"
+
+require ${OPTEE_TI_OVERRIDES}
diff --git a/meta-ti-bsp/recipes-security/optee/optee-test-ti-version.inc b/meta-ti-bsp/recipes-security/optee/optee-test-ti-version.inc
new file mode 100644
index 00000000..fdfa420c
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-test-ti-version.inc
@@ -0,0 +1,2 @@
+PV = "4.2.0+git"
+SRCREV = "526d5bac1b65f907f67c05cd07beca72fbab88dd"
diff --git a/meta-ti-bsp/recipes-security/optee/optee-test_%.bbappend b/meta-ti-bsp/recipes-security/optee/optee-test_%.bbappend
new file mode 100644
index 00000000..f193e78b
--- /dev/null
+++ b/meta-ti-bsp/recipes-security/optee/optee-test_%.bbappend
@@ -0,0 +1,4 @@
+OPTEE_TI_VERSION = ""
+OPTEE_TI_VERSION:ti-soc = "${BPN}-ti-version.inc"
+
+require ${OPTEE_TI_VERSION}
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-22 00:43:00 +0000