| Message ID | 20181119125824.20449-1-shyam.saini@amarulasolutions.com |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series |
|
| Related | show |
Hi On Mon, Nov 19, 2018 at 1:58 PM Shyam Saini <shyam.saini@amarulasolutions.com> wrote: > > This patach adds support for Open Source implementation of arm's Trusted > Execution Environment (TEE), Open Portable Trusted Execution > Environment(OPTEE) package. This includes optee_os, optee_client, and > optee_test. > > Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com> > --- > package/Config.in | 1 + > package/optee/Config.in | 18 ++++ > package/optee/optee.mk | 1 + > package/optee/optee_client/Config.in | 4 + > package/optee/optee_client/optee_client.mk | 4 + > package/optee/optee_os/Config.in | 79 ++++++++++++++++ > package/optee/optee_os/optee_os.mk | 145 +++++++++++++++++++++++++++++ > package/optee/optee_test/Config.in | 27 ++++++ > package/optee/optee_test/optee_test.mk | 27 ++++++ > 9 files changed, 306 insertions(+) > create mode 100644 package/optee/Config.in > create mode 100644 package/optee/optee.mk > create mode 100644 package/optee/optee_client/Config.in > create mode 100644 package/optee/optee_client/optee_client.mk > create mode 100644 package/optee/optee_os/Config.in > create mode 100644 package/optee/optee_os/optee_os.mk > create mode 100644 package/optee/optee_test/Config.in > create mode 100644 package/optee/optee_test/optee_test.mk > > diff --git a/package/Config.in b/package/Config.in > index b60e7700ada4..312d2320e7b1 100644 > --- a/package/Config.in > +++ b/package/Config.in > @@ -2047,6 +2047,7 @@ endmenu > > menu "Security" > source "package/checkpolicy/Config.in" > + source "package/optee/Config.in" > source "package/paxtest/Config.in" > source "package/policycoreutils/Config.in" > source "package/refpolicy/Config.in" > diff --git a/package/optee/Config.in b/package/optee/Config.in > new file mode 100644 > index 000000000000..397866f2ff94 > --- /dev/null > +++ b/package/optee/Config.in > @@ -0,0 +1,18 @@ > +config BR2_PACKAGE_OPTEE > + bool "Optee" > + help > + This is a comment that explains what libfoo is. The help text > + should be wrapped. > + > + http://foosoftware.org/libfoo/ > +if BR2_PACKAGE_OPTEE > + > +menu "OPTEE Source" > +source package/optee/optee_client/Config.in > +source package/optee/optee_os/Config.in > +source package/optee/optee_test/Config.in > +endmenu > + > +endif > + > + > diff --git a/package/optee/optee.mk b/package/optee/optee.mk > new file mode 100644 > index 000000000000..fdebff4ef1b3 > --- /dev/null > +++ b/package/optee/optee.mk > @@ -0,0 +1 @@ > +include $(sort $(wildcard package/optee/*/*.mk)) > diff --git a/package/optee/optee_client/Config.in b/package/optee/optee_client/Config.in > new file mode 100644 > index 000000000000..0192b105016b > --- /dev/null > +++ b/package/optee/optee_client/Config.in > @@ -0,0 +1,4 @@ > +config BR2_PACKAGE_OPTEE_CLIENT > + bool "optee_client" > + help > + http://github.org/OP-TEE/optee_client > diff --git a/package/optee/optee_client/optee_client.mk b/package/optee/optee_client/optee_client.mk > new file mode 100644 > index 000000000000..36892392e861 > --- /dev/null > +++ b/package/optee/optee_client/optee_client.mk > @@ -0,0 +1,4 @@ > +OPTEE_CLIENT_VERSION = 3.3.0 > +OPTEE_CLIENT_SITE = $(call github,OP-TEE,optee_client,$(OPTEE_CLIENT_VERSION)) > + > +$(eval $(cmake-package)) > diff --git a/package/optee/optee_os/Config.in b/package/optee/optee_os/Config.in > new file mode 100644 > index 000000000000..a0598d96cd27 > --- /dev/null > +++ b/package/optee/optee_os/Config.in > @@ -0,0 +1,79 @@ > +config BR2_PACKAGE_OPTEE_OS > + bool "optee_os" > + help > + http://github.org/OP-TEE/optee_client > + > +if BR2_PACKAGE_OPTEE_OS > + config BR2_PLATFORM > + string "PLAFORM name " > + help > + Supported platform for which optee_os has to be > + build. For example : imx6, rockchip > + > +endif > + > +config BR_DEBUG > + bool "Enable OPTEE Debug" > + default y > + help > + Enable this to see run time debug logs > +if BR_DEBUG > + config BR_DEBUG_LEVEL > + string "loglevel" > + default 3 > + help > + Choose either of 0,1,2,3,4 > +endif > +config BR_CUSTOM_DDR_SIZE > + bool "custom DDR RAM size" > + default y > + help > + Provide your board specific ddr ram size > +if BR_CUSTOM_DDR_SIZE > + config BR_DDR_SIZE > + string "soc ddr size" > + help > + Set your soc DDR size to calculate trust zone ram size > +endif > + > +config BR_BOOT_SECONDARY_REQUEST > + bool "Enable OP-TEE to respond to SMP boot request" > + default y > + help > + This option enables OP-TEE to respond to SMP boot request: the Rich OS \ > + issues this to request OP-TEE to release secondaries cores out of reset, \ > + with specific core number and non-secure entry address. > +config BR_NS_ENTRY_ADDR > + string "NS World physical entry address" > + help > + Define this to force NS(Non Secure) World physical entry address > +config BR_DT > + bool "Device Tree Support" > + default y > + help > + Enable device tree address > +if BR_DT > + config BR_DT_ADDR > + string "Device Tree Address" > + help > + Address of device tree (fdt) file in RAM > +endif > +config BR_PAGEABLE_ADDR > + string "Pageable data physical address" > + default 0 > + help > + Define this to force pageable data physical address > +config BR_UART_BASE > + string "UART Base Address" > + help > + uart base for serial console > +config BR_PSCI_ARM32 > + bool "PSCI support for arm 32" > + default y > + help > + Enable this for cpu idle management which in turn used in cpus sync up > +config BR_TEE_BENCHMARK > + bool "OPTEE benchmark" > + default n > + help > + Enable this to benchmark optee on your platform > diff --git a/package/optee/optee_os/optee_os.mk b/package/optee/optee_os/optee_os.mk > new file mode 100644 > index 000000000000..de5bdf653a48 > --- /dev/null > +++ b/package/optee/optee_os/optee_os.mk > @@ -0,0 +1,145 @@ > +OPTEE_OS_VERSION = 3.3.0 > +OPTEE_OS_SITE = $(call github,OP-TEE,optee_os,$(OPTEE_OS_VERSION)) > + > +#compilation mode flags > + > +ifeq ($(BR2_ARCH_IS_64),y) > +COMPILE_NS_USER=64 > +COMPILE_NS_KERNEL=64 > +COMPILE_S_USER=64 > +COMPILE_S_KERNEL=64 > +else > +COMPILE_NS_USER=32 > +COMPILE_NS_KERNEL=32 > +COMPILE_S_USER=32 > +COMPILE_S_KERNEL=32 > +endif This can be avoid use just one variable > + > +# default high verbosity. slow uarts shall specify lower if preferred > +CFG_TEE_CORE_LOG_LEVEL ?= 3 > + > +# default disable latency benchmarks (over all OP-TEE layers) > +CFG_TEE_BENCHMARK ?= n > + > +################################################################################ > +# Check coherency of compilation mode > +################################################################################ > + > +ifneq ($(COMPILE_NS_USER),) > +ifeq ($(COMPILE_NS_KERNEL),) > +$(error COMPILE_NS_KERNEL must be defined as COMPILE_NS_USER=$(COMPILE_NS_USER) is defined) > +endif > +ifeq (,$(filter $(COMPILE_NS_USER),32 64)) > +$(error COMPILE_NS_USER=$(COMPILE_NS_USER) - Should be 32 or 64) > +endif > +endif > + All of this can not happen is forced by config > +ifneq ($(COMPILE_NS_KERNEL),) > +ifeq ($(COMPILE_NS_USER),) > +$(error COMPILE_NS_USER must be defined as COMPILE_NS_KERNEL=$(COMPILE_NS_KERNEL) is defined) > +endif > +ifeq (,$(filter $(COMPILE_NS_KERNEL),32 64)) > +$(error COMPILE_NS_KERNEL=$(COMPILE_NS_KERNEL) - Should be 32 or 64) > +endif > +endif > + Check of variable is not necessary in buildroot to fail if those variable are option mandotory > +ifeq ($(COMPILE_NS_KERNEL),32) > +ifneq ($(COMPILE_NS_USER),32) > +$(error COMPILE_NS_USER=$(COMPILE_NS_USER) - Should be 32 as COMPILE_NS_KERNEL=$(COMPILE_NS_KERNEL)) > +endif > +endif > + > +ifneq ($(COMPILE_S_USER),) > +ifeq ($(COMPILE_S_KERNEL),) > +$(error COMPILE_S_KERNEL must be defined as COMPILE_S_USER=$(COMPILE_S_USER) is defined) > +endif > +ifeq (,$(filter $(COMPILE_S_USER),32 64)) > +$(error COMPILE_S_USER=$(COMPILE_S_USER) - Should be 32 or 64) > +endif > +endif > + > +ifneq ($(COMPILE_S_KERNEL),) > +OPTEE_OS_COMMON_EXTRA_FLAGS ?= O=out/arm > +OPTEE_OS_BIN ?= $(@D)/out/arm/core/tee.bin > +OPTEE_OS_HEADER_V2_BIN ?= $(@D)/out/arm/core/tee-header_v2.bin > +OPTEE_OS_PAGER_V2_BIN ?= $(@D)/out/arm/core/tee-pager_v2.bin > +OPTEE_OS_PAGEABLE_V2_BIN ?= $(@D)/out/arm/core/tee-pageable_v2.bin > +endif > + > +ifeq ($(BR_CUSTOM_DDR_SIZE),y) > +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_DDR_SIZE=$(BR_DDR_SIZE) > +endif > +ifeq ($(BR_BOOT_SECONDARY_REQUEST),y) > +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_BOOT_SECONDARY_REQUEST=y > +endif > + > +ifeq ($(BR_NS_ENTRY_ADDR),y) > +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_NS_ENTRY_ADDR=$(BR_NS_ENTRY_ADDR) > +endif > +ifeq ($(BR_DT),y) > +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_DT_ADDR=$(BR_DT_ADDR) > +endif > +ifneq ($(BR_PAGEABLE_ADDR),) > +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_PAGEABLE_ADDR=$(BR_PAGEABLE_ADDR) > +endif > + > +ifneq ($(BR_UART_BASE),) > +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_UART_BASE=$(BR_UART_BASE) > +endif > + > +ifneq ($(BR_PAGEABLE_ADDR),) > +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_PAGEABLE_ADDR=$(BR_PAGEABLE_ADDR) > +endif > + > +ifeq ($(COMPILE_S_USER),) > +$(error COMPILE_S_USER must be defined as COMPILE_S_KERNEL=$(COMPILE_S_KERNEL) is defined) > +endif > +ifeq (,$(filter $(COMPILE_S_KERNEL),32 64)) > +$(error COMPILE_S_KERNEL=$(COMPILE_S_KERNEL) - Should be 32 or 64) > +endif > +ifeq ($(COMPILE_S_KERNEL),32) > +ifneq ($(COMPILE_S_USER),32) > +$(error COMPILE_S_USER=$(COMPILE_S_USER) - Should be 32 as COMPILE_S_KERNEL=$(COMPILE_S_KERNEL)) > +endif > +endif > + > +################################################################################ > +# set the compiler when COMPILE_xxx are defined > +################################################################################ > + > +ifeq ($(COMPILE_S_USER),32) > +OPTEE_OS_TA_DEV_KIT_DIR ?= $(@D)/out/arm/export-ta_arm32 > +endif > +ifeq ($(COMPILE_S_USER),64) > +OPTEE_OS_TA_DEV_KIT_DIR ?= $(@D)/out/arm/export-ta_arm64 > +endif > + > +ifeq ($(COMPILE_S_KERNEL),64) > +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_ARM64_core=y > +endif > + > +define expand-env-var > +awk '{while(match($$0,"[$$]{[^}]*}")) {var=substr($$0,RSTART+2,RLENGTH -3);gsub("[$$]{"var"}",ENVIRON[var])}}1' > +endef > + > +DEBUG ?= 3 > + > +################################################################################ > +# OP-TEE > +################################################################################ > + > +define OPTEE_OS_BUILD_CMDS > + $(MAKE) CROSS_COMPILE="$(TARGET_CROSS)" CROSS_COMPILE_core="$(TARGET_CROSS)" \ > + CFG_TEE_CORE_LOG_LEVEL=$(CFG_TEE_CORE_LOG_LEVEL) \ > + $(OPTEE_OS_COMMON_EXTRA_FLAGS) \ > + CFG_TEE_BENCHMARK=$(CFG_TEE_BENCHMARK) \ > + CFG_PAGEABLE_ADDR=0 \ > + CFG_NS_ENTRY_ADDR=0x12000000 CFG_DT_ADDR=0x18000000 \ > + CFG_DT=y CFG_PSCI_ARM32=y DEBUG=n \ > + CFG_BOOT_SYNC_CPU=n CFG_BOOT_SECONDARY_REQUEST=y \ > + CFG_DDR_SIZE=0x1E200000 CFG_UART_BASE=UART4_BASE \ > + -C $(@D) PLATFORM="$(BR2_PLATFORM)" > +endef > + > +$(eval $(generic-package)) > + > diff --git a/package/optee/optee_test/Config.in b/package/optee/optee_test/Config.in > new file mode 100644 > index 000000000000..8a435d19fa88 > --- /dev/null > +++ b/package/optee/optee_test/Config.in > @@ -0,0 +1,27 @@ > +config BR2_PACKAGE_OPTEE_TEST > + bool "optee_test" > + select BR2_PACKAGE_OPTEE_CLIENT > + help > + http://github.org/OP-TEE/optee_test > + > +if BR2_PACKAGE_OPTEE_TEST > + > +config BR2_PACKAGE_OPTEE_TEST_SITE > + string "OP-TEE test path" > + default "" > + help > + The path to the source directory of OP-TEE test > + > +config BR2_PACKAGE_OPTEE_TEST_SDK > + string "OPTEE SDK path" > + default "" > + help > + some help > + > +config BR2_PACKAGE_OPTEE_TEST_CROSS_COMPILE > + string "OPTEE cross compiler" > + default "" > + help > + some help > + > +endif > diff --git a/package/optee/optee_test/optee_test.mk b/package/optee/optee_test/optee_test.mk > new file mode 100644 > index 000000000000..77b5f61d4ed9 > --- /dev/null > +++ b/package/optee/optee_test/optee_test.mk > @@ -0,0 +1,27 @@ > +OPTEE_TEST_VERSION = 3.3.0 > +OPTEE_TEST_SITE = $(call github,OP-TEE,optee_test,$(OPTEE_TEST_VERSION)) > +OPTEE_TEST_INSTALL_STAGING = YES > +OPTEE_TEST_DEPENDENCIES = optee_client openssl host-python-pycrypto > +OPTEE_TEST_SDK = "/home/shyam/buildroot/output/build/optee_os-3.3.0/out/arm/export-ta_arm32" > +OPTEE_TEST_CONF_OPTS = -DOPTEE_TEST_SDK=$(OPTEE_TEST_SDK) > + > +define OPTEE_TEST_BUILD_TAS > + @$(foreach f,$(wildcard $(@D)/ta/*/Makefile), \ > + echo Building $f && \ > + $(MAKE) CROSS_COMPILE="/home/shyam/buildroot/output/host/bin/arm-linux-gnueabihf-" \ > + O=out TA_DEV_KIT_DIR=$(OPTEE_TEST_SDK) \ > + $(TARGET_CONFIGURE_OPTS) -C $(dir $f) all &&) true > +endef > + > +define OPTEE_TEST_INSTALL_TAS > + @$(foreach f,$(wildcard $(@D)/ta/*/out/*.ta), \ > + mkdir -p $(TARGET_DIR)/lib/optee_armtz && \ > + $(INSTALL) -v -p --mode=444 \ > + --target-directory=$(TARGET_DIR)/lib/optee_armtz $f \ > + &&) true > +endef > + > +OPTEE_TEST_POST_BUILD_HOOKS += OPTEE_TEST_BUILD_TAS > +OPTEE_TEST_POST_INSTALL_TARGET_HOOKS += OPTEE_TEST_INSTALL_TAS > + > +$(eval $(generic-package)) > -- > 2.11.0 > Michael
diff --git a/package/Config.in b/package/Config.in index b60e7700ada4..312d2320e7b1 100644 --- a/package/Config.in +++ b/package/Config.in @@ -2047,6 +2047,7 @@ endmenu menu "Security" source "package/checkpolicy/Config.in" + source "package/optee/Config.in" source "package/paxtest/Config.in" source "package/policycoreutils/Config.in" source "package/refpolicy/Config.in" diff --git a/package/optee/Config.in b/package/optee/Config.in new file mode 100644 index 000000000000..397866f2ff94 --- /dev/null +++ b/package/optee/Config.in @@ -0,0 +1,18 @@ +config BR2_PACKAGE_OPTEE + bool "Optee" + help + This is a comment that explains what libfoo is. The help text + should be wrapped. + + http://foosoftware.org/libfoo/ +if BR2_PACKAGE_OPTEE + +menu "OPTEE Source" +source package/optee/optee_client/Config.in +source package/optee/optee_os/Config.in +source package/optee/optee_test/Config.in +endmenu + +endif + + diff --git a/package/optee/optee.mk b/package/optee/optee.mk new file mode 100644 index 000000000000..fdebff4ef1b3 --- /dev/null +++ b/package/optee/optee.mk @@ -0,0 +1 @@ +include $(sort $(wildcard package/optee/*/*.mk)) diff --git a/package/optee/optee_client/Config.in b/package/optee/optee_client/Config.in new file mode 100644 index 000000000000..0192b105016b --- /dev/null +++ b/package/optee/optee_client/Config.in @@ -0,0 +1,4 @@ +config BR2_PACKAGE_OPTEE_CLIENT + bool "optee_client" + help + http://github.org/OP-TEE/optee_client diff --git a/package/optee/optee_client/optee_client.mk b/package/optee/optee_client/optee_client.mk new file mode 100644 index 000000000000..36892392e861 --- /dev/null +++ b/package/optee/optee_client/optee_client.mk @@ -0,0 +1,4 @@ +OPTEE_CLIENT_VERSION = 3.3.0 +OPTEE_CLIENT_SITE = $(call github,OP-TEE,optee_client,$(OPTEE_CLIENT_VERSION)) + +$(eval $(cmake-package)) diff --git a/package/optee/optee_os/Config.in b/package/optee/optee_os/Config.in new file mode 100644 index 000000000000..a0598d96cd27 --- /dev/null +++ b/package/optee/optee_os/Config.in @@ -0,0 +1,79 @@ +config BR2_PACKAGE_OPTEE_OS + bool "optee_os" + help + http://github.org/OP-TEE/optee_client + +if BR2_PACKAGE_OPTEE_OS + config BR2_PLATFORM + string "PLAFORM name " + help + Supported platform for which optee_os has to be + build. For example : imx6, rockchip + +endif + +config BR_DEBUG + bool "Enable OPTEE Debug" + default y + help + Enable this to see run time debug logs +if BR_DEBUG + config BR_DEBUG_LEVEL + string "loglevel" + default 3 + help + Choose either of 0,1,2,3,4 +endif +config BR_CUSTOM_DDR_SIZE + bool "custom DDR RAM size" + default y + help + Provide your board specific ddr ram size +if BR_CUSTOM_DDR_SIZE + config BR_DDR_SIZE + string "soc ddr size" + help + Set your soc DDR size to calculate trust zone ram size +endif + +config BR_BOOT_SECONDARY_REQUEST + bool "Enable OP-TEE to respond to SMP boot request" + default y + help + This option enables OP-TEE to respond to SMP boot request: the Rich OS \ + issues this to request OP-TEE to release secondaries cores out of reset, \ + with specific core number and non-secure entry address. +config BR_NS_ENTRY_ADDR + string "NS World physical entry address" + help + Define this to force NS(Non Secure) World physical entry address +config BR_DT + bool "Device Tree Support" + default y + help + Enable device tree address +if BR_DT + config BR_DT_ADDR + string "Device Tree Address" + help + Address of device tree (fdt) file in RAM +endif +config BR_PAGEABLE_ADDR + string "Pageable data physical address" + default 0 + help + Define this to force pageable data physical address +config BR_UART_BASE + string "UART Base Address" + help + uart base for serial console +config BR_PSCI_ARM32 + bool "PSCI support for arm 32" + default y + help + Enable this for cpu idle management which in turn used in cpus sync up +config BR_TEE_BENCHMARK + bool "OPTEE benchmark" + default n + help + Enable this to benchmark optee on your platform diff --git a/package/optee/optee_os/optee_os.mk b/package/optee/optee_os/optee_os.mk new file mode 100644 index 000000000000..de5bdf653a48 --- /dev/null +++ b/package/optee/optee_os/optee_os.mk @@ -0,0 +1,145 @@ +OPTEE_OS_VERSION = 3.3.0 +OPTEE_OS_SITE = $(call github,OP-TEE,optee_os,$(OPTEE_OS_VERSION)) + +#compilation mode flags + +ifeq ($(BR2_ARCH_IS_64),y) +COMPILE_NS_USER=64 +COMPILE_NS_KERNEL=64 +COMPILE_S_USER=64 +COMPILE_S_KERNEL=64 +else +COMPILE_NS_USER=32 +COMPILE_NS_KERNEL=32 +COMPILE_S_USER=32 +COMPILE_S_KERNEL=32 +endif + +# default high verbosity. slow uarts shall specify lower if preferred +CFG_TEE_CORE_LOG_LEVEL ?= 3 + +# default disable latency benchmarks (over all OP-TEE layers) +CFG_TEE_BENCHMARK ?= n + +################################################################################ +# Check coherency of compilation mode +################################################################################ + +ifneq ($(COMPILE_NS_USER),) +ifeq ($(COMPILE_NS_KERNEL),) +$(error COMPILE_NS_KERNEL must be defined as COMPILE_NS_USER=$(COMPILE_NS_USER) is defined) +endif +ifeq (,$(filter $(COMPILE_NS_USER),32 64)) +$(error COMPILE_NS_USER=$(COMPILE_NS_USER) - Should be 32 or 64) +endif +endif + +ifneq ($(COMPILE_NS_KERNEL),) +ifeq ($(COMPILE_NS_USER),) +$(error COMPILE_NS_USER must be defined as COMPILE_NS_KERNEL=$(COMPILE_NS_KERNEL) is defined) +endif +ifeq (,$(filter $(COMPILE_NS_KERNEL),32 64)) +$(error COMPILE_NS_KERNEL=$(COMPILE_NS_KERNEL) - Should be 32 or 64) +endif +endif + +ifeq ($(COMPILE_NS_KERNEL),32) +ifneq ($(COMPILE_NS_USER),32) +$(error COMPILE_NS_USER=$(COMPILE_NS_USER) - Should be 32 as COMPILE_NS_KERNEL=$(COMPILE_NS_KERNEL)) +endif +endif + +ifneq ($(COMPILE_S_USER),) +ifeq ($(COMPILE_S_KERNEL),) +$(error COMPILE_S_KERNEL must be defined as COMPILE_S_USER=$(COMPILE_S_USER) is defined) +endif +ifeq (,$(filter $(COMPILE_S_USER),32 64)) +$(error COMPILE_S_USER=$(COMPILE_S_USER) - Should be 32 or 64) +endif +endif + +ifneq ($(COMPILE_S_KERNEL),) +OPTEE_OS_COMMON_EXTRA_FLAGS ?= O=out/arm +OPTEE_OS_BIN ?= $(@D)/out/arm/core/tee.bin +OPTEE_OS_HEADER_V2_BIN ?= $(@D)/out/arm/core/tee-header_v2.bin +OPTEE_OS_PAGER_V2_BIN ?= $(@D)/out/arm/core/tee-pager_v2.bin +OPTEE_OS_PAGEABLE_V2_BIN ?= $(@D)/out/arm/core/tee-pageable_v2.bin +endif + +ifeq ($(BR_CUSTOM_DDR_SIZE),y) +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_DDR_SIZE=$(BR_DDR_SIZE) +endif +ifeq ($(BR_BOOT_SECONDARY_REQUEST),y) +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_BOOT_SECONDARY_REQUEST=y +endif + +ifeq ($(BR_NS_ENTRY_ADDR),y) +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_NS_ENTRY_ADDR=$(BR_NS_ENTRY_ADDR) +endif +ifeq ($(BR_DT),y) +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_DT_ADDR=$(BR_DT_ADDR) +endif +ifneq ($(BR_PAGEABLE_ADDR),) +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_PAGEABLE_ADDR=$(BR_PAGEABLE_ADDR) +endif + +ifneq ($(BR_UART_BASE),) +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_UART_BASE=$(BR_UART_BASE) +endif + +ifneq ($(BR_PAGEABLE_ADDR),) +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_PAGEABLE_ADDR=$(BR_PAGEABLE_ADDR) +endif + +ifeq ($(COMPILE_S_USER),) +$(error COMPILE_S_USER must be defined as COMPILE_S_KERNEL=$(COMPILE_S_KERNEL) is defined) +endif +ifeq (,$(filter $(COMPILE_S_KERNEL),32 64)) +$(error COMPILE_S_KERNEL=$(COMPILE_S_KERNEL) - Should be 32 or 64) +endif +ifeq ($(COMPILE_S_KERNEL),32) +ifneq ($(COMPILE_S_USER),32) +$(error COMPILE_S_USER=$(COMPILE_S_USER) - Should be 32 as COMPILE_S_KERNEL=$(COMPILE_S_KERNEL)) +endif +endif + +################################################################################ +# set the compiler when COMPILE_xxx are defined +################################################################################ + +ifeq ($(COMPILE_S_USER),32) +OPTEE_OS_TA_DEV_KIT_DIR ?= $(@D)/out/arm/export-ta_arm32 +endif +ifeq ($(COMPILE_S_USER),64) +OPTEE_OS_TA_DEV_KIT_DIR ?= $(@D)/out/arm/export-ta_arm64 +endif + +ifeq ($(COMPILE_S_KERNEL),64) +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_ARM64_core=y +endif + +define expand-env-var +awk '{while(match($$0,"[$$]{[^}]*}")) {var=substr($$0,RSTART+2,RLENGTH -3);gsub("[$$]{"var"}",ENVIRON[var])}}1' +endef + +DEBUG ?= 3 + +################################################################################ +# OP-TEE +################################################################################ + +define OPTEE_OS_BUILD_CMDS + $(MAKE) CROSS_COMPILE="$(TARGET_CROSS)" CROSS_COMPILE_core="$(TARGET_CROSS)" \ + CFG_TEE_CORE_LOG_LEVEL=$(CFG_TEE_CORE_LOG_LEVEL) \ + $(OPTEE_OS_COMMON_EXTRA_FLAGS) \ + CFG_TEE_BENCHMARK=$(CFG_TEE_BENCHMARK) \ + CFG_PAGEABLE_ADDR=0 \ + CFG_NS_ENTRY_ADDR=0x12000000 CFG_DT_ADDR=0x18000000 \ + CFG_DT=y CFG_PSCI_ARM32=y DEBUG=n \ + CFG_BOOT_SYNC_CPU=n CFG_BOOT_SECONDARY_REQUEST=y \ + CFG_DDR_SIZE=0x1E200000 CFG_UART_BASE=UART4_BASE \ + -C $(@D) PLATFORM="$(BR2_PLATFORM)" +endef + +$(eval $(generic-package)) + diff --git a/package/optee/optee_test/Config.in b/package/optee/optee_test/Config.in new file mode 100644 index 000000000000..8a435d19fa88 --- /dev/null +++ b/package/optee/optee_test/Config.in @@ -0,0 +1,27 @@ +config BR2_PACKAGE_OPTEE_TEST + bool "optee_test" + select BR2_PACKAGE_OPTEE_CLIENT + help + http://github.org/OP-TEE/optee_test + +if BR2_PACKAGE_OPTEE_TEST + +config BR2_PACKAGE_OPTEE_TEST_SITE + string "OP-TEE test path" + default "" + help + The path to the source directory of OP-TEE test + +config BR2_PACKAGE_OPTEE_TEST_SDK + string "OPTEE SDK path" + default "" + help + some help + +config BR2_PACKAGE_OPTEE_TEST_CROSS_COMPILE + string "OPTEE cross compiler" + default "" + help + some help + +endif diff --git a/package/optee/optee_test/optee_test.mk b/package/optee/optee_test/optee_test.mk new file mode 100644 index 000000000000..77b5f61d4ed9 --- /dev/null +++ b/package/optee/optee_test/optee_test.mk @@ -0,0 +1,27 @@ +OPTEE_TEST_VERSION = 3.3.0 +OPTEE_TEST_SITE = $(call github,OP-TEE,optee_test,$(OPTEE_TEST_VERSION)) +OPTEE_TEST_INSTALL_STAGING = YES +OPTEE_TEST_DEPENDENCIES = optee_client openssl host-python-pycrypto +OPTEE_TEST_SDK = "/home/shyam/buildroot/output/build/optee_os-3.3.0/out/arm/export-ta_arm32" +OPTEE_TEST_CONF_OPTS = -DOPTEE_TEST_SDK=$(OPTEE_TEST_SDK) + +define OPTEE_TEST_BUILD_TAS + @$(foreach f,$(wildcard $(@D)/ta/*/Makefile), \ + echo Building $f && \ + $(MAKE) CROSS_COMPILE="/home/shyam/buildroot/output/host/bin/arm-linux-gnueabihf-" \ + O=out TA_DEV_KIT_DIR=$(OPTEE_TEST_SDK) \ + $(TARGET_CONFIGURE_OPTS) -C $(dir $f) all &&) true +endef + +define OPTEE_TEST_INSTALL_TAS + @$(foreach f,$(wildcard $(@D)/ta/*/out/*.ta), \ + mkdir -p $(TARGET_DIR)/lib/optee_armtz && \ + $(INSTALL) -v -p --mode=444 \ + --target-directory=$(TARGET_DIR)/lib/optee_armtz $f \ + &&) true +endef + +OPTEE_TEST_POST_BUILD_HOOKS += OPTEE_TEST_BUILD_TAS +OPTEE_TEST_POST_INSTALL_TARGET_HOOKS += OPTEE_TEST_INSTALL_TAS + +$(eval $(generic-package))
This patach adds support for Open Source implementation of arm's Trusted Execution Environment (TEE), Open Portable Trusted Execution Environment(OPTEE) package. This includes optee_os, optee_client, and optee_test. Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com> --- package/Config.in | 1 + package/optee/Config.in | 18 ++++ package/optee/optee.mk | 1 + package/optee/optee_client/Config.in | 4 + package/optee/optee_client/optee_client.mk | 4 + package/optee/optee_os/Config.in | 79 ++++++++++++++++ package/optee/optee_os/optee_os.mk | 145 +++++++++++++++++++++++++++++ package/optee/optee_test/Config.in | 27 ++++++ package/optee/optee_test/optee_test.mk | 27 ++++++ 9 files changed, 306 insertions(+) create mode 100644 package/optee/Config.in create mode 100644 package/optee/optee.mk create mode 100644 package/optee/optee_client/Config.in create mode 100644 package/optee/optee_client/optee_client.mk create mode 100644 package/optee/optee_os/Config.in create mode 100644 package/optee/optee_os/optee_os.mk create mode 100644 package/optee/optee_test/Config.in create mode 100644 package/optee/optee_test/optee_test.mk