arm/trusted-services: fix environment handling

The current version of the TS recipes fails to build if the TS
environment is not set to opteesp. Change the recipes to allow building
the sp environment.

This environment targets "generic" secure partitions and produces SPMC
agnostic SP binaries which should be able to boot under any FF-A v1.0
compliant SPMC implementation.

Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>

documentation/trusted-services.md

@@ -44,6 +44,9 @@ Other steps depend on your machine/platform definition:
    and in `meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc` and
    `meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc` for N1SDP and Corstone1000 platforms.
 
+4. Trusted Services supports an SPMC agonistic binary format. To build SPs to this format the `TS_ENV` variable is to be
+   set to `sp`. The resulting SP binaries should be able to boot under any FF-A v1.1 compliant SPMC implementation.
+
 ## Normal World applications
 
 Optionally for testing purposes you can add `packagegroup-ts-tests` into your image. It includes 

meta-arm/recipes-security/optee/optee-os-ts.inc

@@ -6,61 +6,64 @@
 # TS SPs UUIDs definitions
 require recipes-security/trusted-services/ts-uuid.inc
 
-TS_ENV = "opteesp"
+TS_ENV ?= "opteesp"
 TS_BIN = "${RECIPE_SYSROOT}/usr/${TS_ENV}/bin"
+TS_BIN_SPM_TEST= "${RECIPE_SYSROOT}/usr/opteesp/bin"
+
+SP_EXT = "${@oe.utils.conditional('TS_ENV','opteesp','.stripped.elf','.bin',d)}"
 
 # ITS SP
 DEPENDS:append  = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-its', \
                                         ' ts-sp-its', '' , d)}"
 SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-its', \
-                                        ' ${TS_BIN}/${ITS_UUID}.stripped.elf', '', d)}"
+                                        ' ${TS_BIN}/${ITS_UUID}${SP_EXT}', '', d)}"
 
 # Storage SP
 DEPENDS:append  = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-storage', \
                                         ' ts-sp-storage', '' , d)}"
 SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-storage', \
-                                        ' ${TS_BIN}/${STORAGE_UUID}.stripped.elf', '', d)}"
+                                        ' ${TS_BIN}/${STORAGE_UUID}${SP_EXT}', '', d)}"
 
 # Crypto SP.
 DEPENDS:append  = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-crypto', \
                                         ' ts-sp-crypto', '' , d)}"
 SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-crypto', \
-                                        ' ${TS_BIN}/${CRYPTO_UUID}.stripped.elf', '', d)}"
+                                        ' ${TS_BIN}/${CRYPTO_UUID}${SP_EXT}', '', d)}"
 
 # Attestation SP
 DEPENDS:append  = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-attestation', \
                                         ' ts-sp-attestation', '' , d)}"
 SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-attestation', \
-                                        ' ${TS_BIN}/${ATTESTATION_UUID}.stripped.elf', '', d)}"
+                                        ' ${TS_BIN}/${ATTESTATION_UUID}${SP_EXT}', '', d)}"
 
 # Env-test SP
 DEPENDS:append  = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-env-test', \
                                         ' ts-sp-env-test', '' , d)}"
 SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-env-test', \
-                                        ' ${TS_BIN}/${ENV_TEST_UUID}.stripped.elf', '', d)}"
+                                        ' ${TS_BIN}/${ENV_TEST_UUID}${SP_EXT}', '', d)}"
 
 # SE-Proxy SP
 DEPENDS:append  = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-se-proxy', \
                                         ' ts-sp-se-proxy', '' , d)}"
 SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-se-proxy', \
-                                        ' ${TS_BIN}/${SE_PROXY_UUID}.stripped.elf', '', d)}"
+                                        ' ${TS_BIN}/${SE_PROXY_UUID}${SP_EXT}', '', d)}"
 
 # SMM Gateway
 DEPENDS:append  = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-smm-gateway', \
                                         ' ts-sp-smm-gateway', '' , d)}"
 SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-smm-gateway', \
-                                        ' ${TS_BIN}/${SMM_GATEWAY_UUID}.stripped.elf', '', d)}"
+                                        ' ${TS_BIN}/${SMM_GATEWAY_UUID}${SP_EXT}', '', d)}"
 
 # SPM test SPs
 DEPENDS:append  = "${@bb.utils.contains('MACHINE_FEATURES', 'optee-spmc-test', \
                                         ' ts-sp-spm-test1 ts-sp-spm-test2 \
                                           ts-sp-spm-test3 ts-sp-spm-test4', '' , d)}"
 SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'optee-spmc-test', \
-                            ' ${TS_BIN}/${SPM_TEST1_UUID}.stripped.elf \
-                              ${TS_BIN}/${SPM_TEST2_UUID}.stripped.elf \
-                              ${TS_BIN}/${SPM_TEST3_UUID}.stripped.elf \
-                              ${TS_BIN}/${SPM_TEST4_UUID}.stripped.elf', \
-                              '', d)}"
+                        ' ${TS_BIN_SPM_TEST}/${SPM_TEST1_UUID}.stripped.elf \
+                          ${TS_BIN_SPM_TEST}/${SPM_TEST2_UUID}.stripped.elf \
+                          ${TS_BIN_SPM_TEST}/${SPM_TEST3_UUID}.stripped.elf \
+                          ${TS_BIN_SPM_TEST}/${SPM_TEST4_UUID}.stripped.elf', \
+                          '', d)}"
 EXTRA_OEMAKE:append = "${@bb.utils.contains('MACHINE_FEATURES', 'optee-spmc-test', \
                                         ' CFG_SPMC_TESTS=y', '' , d)}"
 
@@ -69,7 +72,7 @@ DEPENDS:append  = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-block-storage',
                                         ' ts-sp-block-storage', '' , d)}"
 
 SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-block-storage', \
-                                        ' ${TS_BIN}/${BLOCK_STORAGE_UUID}.stripped.elf', '', d)}"
+                                        ' ${TS_BIN}/${BLOCK_STORAGE_UUID}${SP_EXT}', '', d)}"
 
 EXTRA_OEMAKE:append = "${@oe.utils.conditional('SP_PATHS', '', '', \
                         ' CFG_MAP_EXT_DT_SECURE=y CFG_SECURE_PARTITION=y \

meta-arm/recipes-security/trusted-services/trusted-services.inc

@@ -23,7 +23,7 @@ TS_PLATFORM ?= "ts/mock"
 # FIP packaging is not supported yet
 SP_PACKAGING_METHOD ?= "embedded"
 
-SYSROOT_DIRS += "/usr/opteesp /usr/arm-linux"
+SYSROOT_DIRS += "/usr/${TS_ENV} /usr/opteesp /usr/arm-linux"
 
 # TS cmake files use find_file() to search through source code and build dirs.
 # Yocto cmake class limits CMAKE_FIND_ROOT_PATH and find_file() fails.
@@ -54,5 +54,5 @@ EXTRA_OECMAKE += "${@get_ts_toolchain_option(d)}"
 
 # Paths to pre-built dependencies required by some TS SPs/tools
 EXTRA_OECMAKE += "-Dlibts_ROOT=${STAGING_DIR_HOST}${TS_INSTALL}/lib/cmake/libts/ \
-                  -DNEWLIB_INSTALL_DIR=${STAGING_DIR_HOST}${TS_INSTALL}/newlib \
+                  -DNEWLIB_INSTALL_DIR=${STAGING_DIR_HOST}/usr/opteesp/newlib \
                  "

meta-arm/recipes-security/trusted-services/ts-sp-common.inc

@@ -6,6 +6,7 @@ require trusted-services.inc
 require ts-uuid.inc
 
 DEPENDS += "dtc-native ts-newlib"
+DEPENDS += "${@oe.utils.conditional('TS_ENV','sp','python3-pyelftools-native','', d)}"
 
 FILES:${PN}-dev = "${TS_INSTALL}"
 

meta-arm/recipes-security/trusted-services/ts-sp-spm-test-common.inc

@@ -1,5 +1,8 @@
 DESCRIPTION = "Trusted Services SPMC test SPs"
 
+# spm test SP only supports opteesp.
+TS_ENV = 'opteesp'
+
 require ts-sp-common.inc
 
 SP_UUID = "${SPM_TEST${SP_INDEX}_UUID}"