Commit Graph

18 Commits

Author SHA1 Message Date
Kory Maincent
46306d135e boot/optee-os: add out-of-source OPTEE-OS device tree support
Similarly to U-Boot, this patch adds the ability to copy in and build
out-of-source device tree sources during an OPTEE-OS build. To build
the external device tree source file, the OP-TEE OS configuration must
refer to it with the CFG_EMBED_DTB_SOURCE_FILE option and no platform
flavor needs to be specified.

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-02-06 12:07:12 +01:00
Kory Maincent
73dedf735e boot/optee-os: remove host-python-pillow build dependency
host-python-pillow dependency was needed to build the STMicroelecronics
version during its rc versions but is is not needed anymore in the release.
It is then useless to keep this dependency.

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-09-06 13:44:46 +02:00
Ricardo Martincoski
d5dce2c301 boot/optee-os: fix typo on BR2_TARGET_OPTEE_OS_LATEST
The typo was added by commit
'9c79b369d6 boot/optee-os: add support for custom tarball URL'

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-08-15 11:03:58 +02:00
Kory Maincent
9c79b369d6 boot/optee-os: add support for custom tarball URL
For now only latest release and custom git repository was supported.
This patch adds support for custom tarball URL.

It also adds configuration verification for custom git repository and
tarball URL.

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.rog> for the v2.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-06-27 23:26:32 +02:00
Kory Maincent
edfa431c9b boot/optee-os: add support to build with python-pillow
Some specific versions of OP-TEE need the python-pillow module on the
host to build support for the TUI (Trusted User Interface) feature.

To allow building such OP-TEE versions, this commit adds the option
BR2_TARGET_OPTEE_OS_NEEDS_PYTHON_PILLOW which when enabled ensures
that host-python-pillow is built before OP-TEE.

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-06-05 22:49:00 +02:00
Clément Léger
752f478aff boot/optee-os: add support to build with python-cryptography
Newer version of optee-os (>= 3.16) uses python-cryptography instead of
python-pycryptodomex in python scripts. Add support to build these
newer versions by adding a new
BR2_TARGET_OPTEE_OS_NEEDS_PYTHON_CRYPTOGRAPHY option which will
select host-python-cryptography dependency when building optee-os.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
[yann.morin.1998@free.fr:
  - move the _ARCH_DEPENDS option from the main symbol to thus new
    symbol
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-03-18 23:26:34 +01:00
Clément Léger
67be54cd94 boot/optee-os: add option to select DTC dependency
Some platforms (stm32, sam) needs DTC to build the platform
device-trees. Add BR2_TARGET_OPTEE_OS_NEEDS_DTC configuration
option to select host-dtc package when building.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
[yann.morin.1998@free.fr: move option]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-03-14 21:59:26 +01:00
Peter Korsgaard
d3730ae991 package/python3-pyelftools: drop host package
Now that host-python2 is gone, the custom python3 variant can be dropped.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-02-11 20:07:57 +01:00
Peter Korsgaard
1fc1b258d3 package/python3-pycryptodomex: drop host package
Now that host-python2 is gone, the custom python3 variant can be dropped.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-02-11 20:07:42 +01:00
Dick Olsson
0d61dde674 boot/optee-os: depend on host-python3
Recent versions of OP-TEE depend on Python 3. Currently, OP-TEE is
building with the Python interpreter provided by the user. This patch
includes an upstream patch that makes the interpreter configurable,
and makes use of this configuration with host-python3.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-09 00:13:41 +02:00
Romain Naour
82b7400175 boot/optee-os: replace pycrypto by pycryptodomex
>From [1] included in optee-os release 3.7.0:
"PyCryptodome is a fork of PyCrypto, which is not maintained any more
(the last release dates back to 2013 [2]). It exposes almost the same
API, but there are a few incompatibilities [3]."

pem_to_pub_c.py/sign.py scripts still use pycrypto that is replaced
by pycryptodomex. Add a patch to use pycryptodomex but don't use
upstream commit since it also switches from the algorithm
TEE_ALG_RSASSA_PKCS1_V1_5_SHA256 to TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256
when replacing pycrypto to pycryptodomex [4].

[1] 90ad245043
[2] https://pypi.org/project/pycrypto/#history
[3] https://pycryptodome.readthedocs.io/en/latest/src/vs_pycrypto.html
[4] ababd72d2f

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/526035730

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-21 15:46:21 +02:00
Yann E. MORIN
3091d334e7 boot/optee-os: license files hashes only valid for latest version
We can only know the details of the license files for known versions.  For
custom, older or newer versions, the license files may change, or may be
moved around.

So, do for optee-os as was done for other packages in the recent past,
and only define the list of license files for the latest version.

Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-06 20:42:02 +01:00
Etienne Carriere
8483dff1b3 boot/optee-os: bump version to 3.7.0
Bump OP-TEE OS package version to OP-TEE release 3.7.0.

This adds host-python-pyelftools to optee-os dependencies

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-10-29 22:25:18 +01:00
Etienne Carriere
c3ebde5ced boot/optee-os: support alternate image files
Some platform may generate specific boot image files instead of
the generic files tee.bin and tee-*_v2.bin when building OP-TEE OS
package.

This change introduces optee-os configuration directive
BR2_TARGET_OPTEE_OS_CORE_IMAGES that allows board configuration
to specify its expected boot image file names.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas: use the current hardcoded values as the default for the new
config option, to avoid breaking existing setups, and therefore use
$(wildcard ...) to support wildcards]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-08-03 18:07:57 +02:00
Etienne Carriere
b978a2a1e7 boot/optee-os: install trusted shared libraries
Install generated trusted shared libraries in the target file
system next to the trusted applications.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:46:44 +02:00
Etienne Carriere
6ad03fd403 boot/optee-os: fix TA files installation
This change fixes the TA binary files install sequence that were
previously install in target filesystem though
OPTEE_OS_INSTALL_IMAGES_CMDS instead of expected
OPTEE_OS_INSTALL_TARGET_CMDS.

This change removes useless mkdir prior call to $(INSTALL) that
already handles parent directory creation when needed.

This change conditions the .ta files installation upon their
availability as they may exist or not depending on the exact OPTEE
version/configuration selected.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:45:53 +02:00
Etienne Carriere
ca34a3ed25 boot/optee-os: define a new variable OPTEE_OS_SDK
This commit adds a new variable OPTEE_OS_SDK, define by the optee-os
package, which points to the OPTEE SDK installed in STAGING_DIR. This
will allow other pakage to find this SDK more easily.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas: improve commit log, rename variable to just OPTEE_OS_SDK]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-05 21:51:23 +01:00
Etienne Carriere
95942f5fcd boot/optee-os: new package
OP-TEE OS is maintained by the OP-TEE project. It provides an
open source solution for development and integration of secure
services for Armv7-A and Armv8-A CPU based platforms supporting
the TrustZone technology. This technology enables CPUs to
concurrently host a secure world as the OP-TEE OS and a non-secure
world as a Linux based OS.

The OP-TEE project maintains other packages to leverage OP-TEE on
Linux kernel based OSes. An OP-TEE interface driver is available
in the Linux kernel since 4.12 upon CONFIG_OPTEE.

This change references in Buildroot the today's latest OP-TEE
revision release tagged 3.4.0.

https://www.op-tee.org/
https://github.com/OP-TEE/optee_os

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas:
 - pass CFG_ARM32_core=y when building for ARMv7, otherwise the build
   fails
 - add a check that verifies that BR2_TARGET_OPTEE_OS_PLATFORM is not
   empty
 - minor formatting fixes/adjustements.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-10 17:11:23 +01:00