Commit Graph

25 Commits

Author SHA1 Message Date
Kory Maincent
edfa431c9b boot/optee-os: add support to build with python-pillow
Some specific versions of OP-TEE need the python-pillow module on the
host to build support for the TUI (Trusted User Interface) feature.

To allow building such OP-TEE versions, this commit adds the option
BR2_TARGET_OPTEE_OS_NEEDS_PYTHON_PILLOW which when enabled ensures
that host-python-pillow is built before OP-TEE.

Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-06-05 22:49:00 +02:00
Etienne Carriere
ba146579d9 boot/optee-os: bump to version 3.17.0
Bump OP-TEE OS package version to OP-TEE release 3.17.0.

Cc: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-04-27 21:27:09 +02:00
Yann E. MORIN
945f8a788f boot/optee-os: fix version choice
Commit c5d441b7f2 (boot/optee-os: bump to version 3.16.0) forgot to
propagate the rustc arch dependency from the new version, to the default
clause of the choice.

This leaves only the custom git tree as a posible source for building
OP-TEE OS in case the host can't have a rustc compiler.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Clément Léger <clement.leger@bootlin.com>
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-03-27 17:33:24 +02:00
Clément Léger
c5d441b7f2 boot/optee-os: bump to version 3.16.0
Bump OP-TEE OS package version to OP-TEE release 3.16.0 and set
BR2_TARGET_OPTEE_OS_LATEST to select
BR2_TARGET_OPTEE_OS_NEEDS_PYTHON_CRYPTOGRAPHY since
python-cryptography is now needed to build optee-os.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-03-18 23:39:45 +01:00
Clément Léger
752f478aff boot/optee-os: add support to build with python-cryptography
Newer version of optee-os (>= 3.16) uses python-cryptography instead of
python-pycryptodomex in python scripts. Add support to build these
newer versions by adding a new
BR2_TARGET_OPTEE_OS_NEEDS_PYTHON_CRYPTOGRAPHY option which will
select host-python-cryptography dependency when building optee-os.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
[yann.morin.1998@free.fr:
  - move the _ARCH_DEPENDS option from the main symbol to thus new
    symbol
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-03-18 23:26:34 +01:00
Clément Léger
67be54cd94 boot/optee-os: add option to select DTC dependency
Some platforms (stm32, sam) needs DTC to build the platform
device-trees. Add BR2_TARGET_OPTEE_OS_NEEDS_DTC configuration
option to select host-dtc package when building.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
[yann.morin.1998@free.fr: move option]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-03-14 21:59:26 +01:00
Peter Korsgaard
d3730ae991 package/python3-pyelftools: drop host package
Now that host-python2 is gone, the custom python3 variant can be dropped.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-02-11 20:07:57 +01:00
Peter Korsgaard
1fc1b258d3 package/python3-pycryptodomex: drop host package
Now that host-python2 is gone, the custom python3 variant can be dropped.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-02-11 20:07:42 +01:00
Etienne Carriere
7b08ad5a2f boot/optee-os: bump to version 3.15.0
Bump OP-TEE OS package version to OP-TEE release 3.15.0.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-10-27 22:28:03 +02:00
Clément Léger
4200631ce2 boot/optee-os: use dedicated 3.13.0 patch directory
Existing patch is for 3.13.0 optee version but is located at the root
of optee-os folder, leading to error when applying it on more recent
version. Move it to a dedicated 3.13.0 folder.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-08-05 20:56:08 +02:00
Etienne Carriere
2d5829aa3e boot/optee-os: bump to version 3.13.0
Bump OP-TEE OS package version to OP-TEE release 3.13.0.

Add a patch already merged OP-TEE to fix build issue seen with 3.13.0
on some BR toolchain.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-07-20 21:41:26 +02:00
Etienne Carriere
80d1bc9b19 boot/optee-os: bump to version 3.12.0
Bump OP-TEE OS package version to OP-TEE release 3.12.0.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-03-06 23:32:37 +01:00
Etienne Carriere
ae102ee750 boot/optee-os: bump to version 3.11.0
Bump OP-TEE OS package version to OP-TEE release 3.11.0.

Remove patches since merged in OP-TEE OS 3.11.0

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-10-31 22:58:17 +01:00
Dick Olsson
0d61dde674 boot/optee-os: depend on host-python3
Recent versions of OP-TEE depend on Python 3. Currently, OP-TEE is
building with the Python interpreter provided by the user. This patch
includes an upstream patch that makes the interpreter configurable,
and makes use of this configuration with host-python3.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-09 00:13:41 +02:00
Etienne Carriere
8ea8822005 boot/optee-os: bump to version 3.9.0
Bump OP-TEE OS package version to OP-TEE release 3.9.0.

Update patch on pydrypto/pycryptodome to match 3.9.0.
Add patch on CFG_OPTEE_REVISION_MINOR that was not updated in release
3.9.0 and fixed only few commits above.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-14 15:33:17 +02:00
Romain Naour
82b7400175 boot/optee-os: replace pycrypto by pycryptodomex
>From [1] included in optee-os release 3.7.0:
"PyCryptodome is a fork of PyCrypto, which is not maintained any more
(the last release dates back to 2013 [2]). It exposes almost the same
API, but there are a few incompatibilities [3]."

pem_to_pub_c.py/sign.py scripts still use pycrypto that is replaced
by pycryptodomex. Add a patch to use pycryptodomex but don't use
upstream commit since it also switches from the algorithm
TEE_ALG_RSASSA_PKCS1_V1_5_SHA256 to TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256
when replacing pycrypto to pycryptodomex [4].

[1] 90ad245043
[2] https://pypi.org/project/pycrypto/#history
[3] https://pycryptodome.readthedocs.io/en/latest/src/vs_pycrypto.html
[4] ababd72d2f

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/526035730

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-21 15:46:21 +02:00
Yann E. MORIN
3091d334e7 boot/optee-os: license files hashes only valid for latest version
We can only know the details of the license files for known versions.  For
custom, older or newer versions, the license files may change, or may be
moved around.

So, do for optee-os as was done for other packages in the recent past,
and only define the list of license files for the latest version.

Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-06 20:42:02 +01:00
Etienne Carriere
8483dff1b3 boot/optee-os: bump version to 3.7.0
Bump OP-TEE OS package version to OP-TEE release 3.7.0.

This adds host-python-pyelftools to optee-os dependencies

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-10-29 22:25:18 +01:00
Etienne Carriere
c3ebde5ced boot/optee-os: support alternate image files
Some platform may generate specific boot image files instead of
the generic files tee.bin and tee-*_v2.bin when building OP-TEE OS
package.

This change introduces optee-os configuration directive
BR2_TARGET_OPTEE_OS_CORE_IMAGES that allows board configuration
to specify its expected boot image file names.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas: use the current hardcoded values as the default for the new
config option, to avoid breaking existing setups, and therefore use
$(wildcard ...) to support wildcards]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-08-03 18:07:57 +02:00
Peter Korsgaard
f590097045 Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-06-02 22:11:20 +02:00
Etienne Carriere
5f274d52a5 boot/optee-os: bump version to 3.5.0
Bump OP-TEE OS package version to OP-TEE release 3.5.0.

The hash of the license file changed due to a fairly minor change in
the file:

  -Unless it has its own copyright/license embedded in its body, each source file
  +Unless it has its own copyright/license embedded in its body, each file

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas: update the license file hash]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 18:09:24 +02:00
Etienne Carriere
b978a2a1e7 boot/optee-os: install trusted shared libraries
Install generated trusted shared libraries in the target file
system next to the trusted applications.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:46:44 +02:00
Etienne Carriere
6ad03fd403 boot/optee-os: fix TA files installation
This change fixes the TA binary files install sequence that were
previously install in target filesystem though
OPTEE_OS_INSTALL_IMAGES_CMDS instead of expected
OPTEE_OS_INSTALL_TARGET_CMDS.

This change removes useless mkdir prior call to $(INSTALL) that
already handles parent directory creation when needed.

This change conditions the .ta files installation upon their
availability as they may exist or not depending on the exact OPTEE
version/configuration selected.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 17:45:53 +02:00
Etienne Carriere
ca34a3ed25 boot/optee-os: define a new variable OPTEE_OS_SDK
This commit adds a new variable OPTEE_OS_SDK, define by the optee-os
package, which points to the OPTEE SDK installed in STAGING_DIR. This
will allow other pakage to find this SDK more easily.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas: improve commit log, rename variable to just OPTEE_OS_SDK]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-05 21:51:23 +01:00
Etienne Carriere
95942f5fcd boot/optee-os: new package
OP-TEE OS is maintained by the OP-TEE project. It provides an
open source solution for development and integration of secure
services for Armv7-A and Armv8-A CPU based platforms supporting
the TrustZone technology. This technology enables CPUs to
concurrently host a secure world as the OP-TEE OS and a non-secure
world as a Linux based OS.

The OP-TEE project maintains other packages to leverage OP-TEE on
Linux kernel based OSes. An OP-TEE interface driver is available
in the Linux kernel since 4.12 upon CONFIG_OPTEE.

This change references in Buildroot the today's latest OP-TEE
revision release tagged 3.4.0.

https://www.op-tee.org/
https://github.com/OP-TEE/optee_os

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas:
 - pass CFG_ARM32_core=y when building for ARMv7, otherwise the build
   fails
 - add a check that verifies that BR2_TARGET_OPTEE_OS_PLATFORM is not
   empty
 - minor formatting fixes/adjustements.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-02-10 17:11:23 +01:00