diff --git a/package/optee-client/0001-libteeacl-condition-libteeacl-with-WITH_TEEACL.patch b/package/optee-client/0001-libteeacl-condition-libteeacl-with-WITH_TEEACL.patch new file mode 100644 index 0000000000..4fdf9afc94 --- /dev/null +++ b/package/optee-client/0001-libteeacl-condition-libteeacl-with-WITH_TEEACL.patch @@ -0,0 +1,105 @@ +From bbdf665aba39c29a3ce7bd06e4554c62a416ebaa Mon Sep 17 00:00:00 2001 +From: Etienne Carriere +Date: Thu, 10 Nov 2022 12:05:24 +0100 +Subject: [PATCH] libteeacl: condition libteeacl with WITH_TEEACL + +Build and embed libteeacl upon WITH_TEEACL=1 (default configuration). +This configuration switch allows one to build OP-TEE client without +dependencies on pkg-config and libuuid when OP-TEE ACL for +PKCS11 is not needed: + cmake -DWITH_TEEACL=0 ... +or + make WITH_TEEACL=0 ... + +With the comments below addressed, LGTM. + +Acked-by: Jerome Forissier +Acked-by: Jens Wiklander +Reviewed-by: Eero Aaltonen +[etienne.carriere@linaro.org: backport upstream commit] +Signed-off-by: Etienne Carriere +[yann.morin.1998@free.fr: actually do a backport of bbdf665] +Signed-off-by: Yann E. MORIN +--- + CMakeLists.txt | 9 ++++++--- + Makefile | 15 ++++++++++++--- + 2 files changed, 18 insertions(+), 6 deletions(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 0786752..9fb5c6a 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -5,6 +5,7 @@ project (optee_client C) + set (CMAKE_TOOLCHAIN_FILE CMakeToolchain.txt) + + set (CFG_WERROR 1 CACHE BOOL "Build with -Werror") ++option (WITH_TEEACL "Build libteeacl" TRUE) + + include(GNUInstallDirs) + +@@ -37,7 +38,9 @@ add_subdirectory (libteec) + add_subdirectory (tee-supplicant) + add_subdirectory (public) + add_subdirectory (libckteec) +-find_package (PkgConfig REQUIRED) +-pkg_check_modules(uuid REQUIRED IMPORTED_TARGET uuid) +-add_subdirectory (libteeacl) ++if(WITH_TEEACL) ++ find_package (PkgConfig REQUIRED) ++ pkg_check_modules(uuid REQUIRED IMPORTED_TARGET uuid) ++ add_subdirectory (libteeacl) ++endif(WITH_TEEACL) + add_subdirectory (libseteec) +diff --git a/Makefile b/Makefile +index 90b487e..2ee5621 100644 +--- a/Makefile ++++ b/Makefile +@@ -16,6 +16,8 @@ SBINDIR ?= /usr/sbin + LIBDIR ?= /usr/lib + INCLUDEDIR ?= /usr/include + ++WITH_TEEACL ?= 1 ++ + .PHONY: all build build-libteec build-libckteec build-libseteec \ + build-libteeacl check-libuuid install copy_export clean cscope \ + clean-cscope \ +@@ -35,8 +37,10 @@ build-tee-supplicant: build-libteec + @echo "Building tee-supplicant" + $(MAKE) --directory=tee-supplicant --no-print-directory --no-builtin-variables CFG_TEE_SUPP_LOG_LEVEL=$(CFG_TEE_SUPP_LOG_LEVEL) + +-build: build-libteec build-tee-supplicant build-libckteec build-libseteec \ +- build-libteeacl ++build: build-libteec build-tee-supplicant build-libckteec build-libseteec ++ifeq ($(WITH_TEEACL),1) ++build: build-libteeacl ++endif + + build-libckteec: build-libteec + @echo "Building libckteec.so" +@@ -57,7 +61,10 @@ check-libuuid: + install: copy_export + + clean: clean-libteec clean-tee-supplicant clean-cscope clean-libckteec \ +- clean-libseteec clean-libteeacl ++ clean-libseteec ++ifeq ($(WITH_TEEACL),1) ++clean: clean-libteeacl ++endif + + clean-libteec: + @$(MAKE) --directory=libteec --no-print-directory clean +@@ -158,9 +165,11 @@ copy_export: build + cp libckteec/include/*.h $(DESTDIR)$(INCLUDEDIR) + cp -d ${O}/libckteec/libckteec.so* $(DESTDIR)$(LIBDIR) + cp -d ${O}/libckteec/libckteec.a $(DESTDIR)$(LIBDIR) ++ifeq ($(WITH_TEEACL),1) + cp libteeacl/include/*.h $(DESTDIR)$(INCLUDEDIR) + cp -d ${O}/libteeacl/libteeacl.so* $(DESTDIR)$(LIBDIR) + cp -d ${O}/libteeacl/libteeacl.a $(DESTDIR)$(LIBDIR) ++endif + cp libseteec/include/*.h $(DESTDIR)$(INCLUDEDIR) + cp -d ${O}/libseteec/libseteec.so* $(DESTDIR)$(LIBDIR) + cp -d ${O}/libseteec/libseteec.a $(DESTDIR)$(LIBDIR) +-- +2.25.1 + diff --git a/package/optee-client/Config.in b/package/optee-client/Config.in index cc7f176c77..538948b72c 100644 --- a/package/optee-client/Config.in +++ b/package/optee-client/Config.in @@ -37,6 +37,14 @@ config BR2_PACKAGE_OPTEE_CLIENT_SUPP_PLUGINS help Enable TEE supplicant plugin support. +config BR2_PACKAGE_OPTEE_CLIENT_TEEACL + bool "Enable TEE Access Control List login" + select BR2_PACKAGE_UTIL_LINUX + select BR2_PACKAGE_UTIL_LINUX_LIBUUID + help + Enable TEE ACL login identification for OP-TEE service that + supports them as OP-TEE PKCS#11 services. + endif comment "optee-client needs a toolchain w/ threads, headers >= 4.3" diff --git a/package/optee-client/optee-client.hash b/package/optee-client/optee-client.hash index 8e55bf5725..c067e26f4e 100644 --- a/package/optee-client/optee-client.hash +++ b/package/optee-client/optee-client.hash @@ -1,4 +1,4 @@ -# From https://github.com/OP-TEE/optee_client/archive/3.18.0/optee-client-3.18.0.tar.gz -sha256 ecc0f04fdd5398aa52fea50427fbd624f7f90274aec7bbf2cc8a5bd16758202b optee-client-3.18.0.tar.gz +# From https://github.com/OP-TEE/optee_client/archive/3.19.0/optee-client-3.19.0.tar.gz +sha256 5f0d02efa0e496964e86ca9dd2461ada923d1f9e11a4b9cafb5393bd08337644 optee-client-3.19.0.tar.gz # Locally computed sha256 fda8385993f112d7ca61b88b54ba5b4cbeec7e43a0f9b317d5186703c1985e8f LICENSE diff --git a/package/optee-client/optee-client.mk b/package/optee-client/optee-client.mk index 3fbbe9484c..3e0c9269b8 100644 --- a/package/optee-client/optee-client.mk +++ b/package/optee-client/optee-client.mk @@ -4,7 +4,7 @@ # ################################################################################ -OPTEE_CLIENT_VERSION = 3.18.0 +OPTEE_CLIENT_VERSION = 3.19.0 OPTEE_CLIENT_SITE = $(call github,OP-TEE,optee_client,$(OPTEE_CLIENT_VERSION)) OPTEE_CLIENT_LICENSE = BSD-2-Clause OPTEE_CLIENT_LICENSE_FILES = LICENSE @@ -26,6 +26,13 @@ else OPTEE_CLIENT_CONF_OPTS += -DCFG_TEE_SUPP_PLUGINS=OFF endif +ifeq ($(BR2_PACKAGE_OPTEE_CLIENT_TEEACL),y) +OPTEE_CLIENT_EXT_DEPENDENCIES += host-pkgconf util-linux-libs +OPTEE_CLIENT_CONF_OPTS += -DWITH_TEEACL=ON +else +OPTEE_CLIENT_CONF_OPTS += -DWITH_TEEACL=OFF +endif + define OPTEE_CLIENT_INSTALL_INIT_SYSV $(INSTALL) -m 0755 -D $(OPTEE_CLIENT_PKGDIR)/S30tee-supplicant \ $(TARGET_DIR)/etc/init.d/S30tee-supplicant