mirrors/meta-arm
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-arm synced 2026-06-05 14:30:10 +00:00
Code Issues Projects Releases Wiki Activity

Include Trusted Services SPs into optee-os image

Browse Source 
Required TS SPs can be included into optee-os image using MACHINE_FEATURES:

ts-its         - Internal Storage SP
ts-storage     - Storage SP
ts-crypto      - Crypto SP
ts-attestetion - Attestation SP
ts-se-proxy    - SE Proxy SP
ts-smm-gateway - SMM Gateway SP

Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit is contained in:
Anton Antonov
2022-08-31 19:41:56 +01:00
committed by Jon Mason
parent 3076df522a
commit 63b960c7c8
2 changed files with 59 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-arm/recipes-security/optee/optee-os-ts.inc
+54
View File
@@ -0,0 +1,54 @@
# Include Trusted Services SPs accordingly to defined machine features
# Please notice that OPTEE will load SPs in the order listed in this file.
# If an SP requires another SP to be already loaded it must be listed lower.
# TS SPs UUIDs definitions
require recipes-security/trusted-services/ts-uuid.inc
TS_ENV = "opteesp"
TS_BIN = "${RECIPE_SYSROOT}/usr/${TS_ENV}/bin"
# ITS SP
DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-its', \
' ts-sp-its', '' , d)}"
SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-its', \
' ${TS_BIN}/${ITS_UUID}.stripped.elf', '', d)}"
# Storage SP
DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-storage', \
' ts-sp-storage', '' , d)}"
SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-storage', \
' ${TS_BIN}/${STORAGE_UUID}.stripped.elf', '', d)}"
# Crypto SP.
DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-crypto', \
' ts-sp-crypto', '' , d)}"
SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-crypto', \
' ${TS_BIN}/${CRYPTO_UUID}.stripped.elf', '', d)}"
# Attestation SP
DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-attestation', \
' ts-sp-attestation', '' , d)}"
SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-attestation', \
' ${TS_BIN}/${ATTESTATION_UUID}.stripped.elf', '', d)}"
# Env-test SP
DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-env-test', \
' ts-sp-env-test', '' , d)}"
SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-env-test', \
' ${TS_BIN}/${ENV_TEST_UUID}.stripped.elf', '', d)}"
# SE-Proxy SP
DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-se-proxy', \
' ts-sp-se-proxy', '' , d)}"
SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-se-proxy', \
' ${TS_BIN}/${SE_PROXY_UUID}.stripped.elf', '', d)}"
# SMM Gateway
DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-smm-gateway', \
' ts-sp-smm-gateway', '' , d)}"
SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-smm-gateway', \
' ${TS_BIN}/${SMM_GATEWAY_UUID}.stripped.elf', '', d)}"
EXTRA_OEMAKE:append = "${@oe.utils.conditional('SP_PATHS', '', '', ' CFG_SECURE_PARTITION=y SP_PATHS=\'${SP_PATHS}\' ', d)}"
meta-arm/recipes-security/optee/optee-os_%.bbappend
+5
View File
@@ -0,0 +1,5 @@
# Include Trusted Services Secure Partitions
require optee-os-ts.inc
# Conditionally include platform specific Trusted Services related OPTEE build parameters
EXTRA_OEMAKE:append:qemuarm64-secureboot = "${@oe.utils.conditional('SP_PATHS', '', '', ' CFG_CORE_HEAP_SIZE=131072 CFG_TEE_BENCHMARK=n CFG_TEE_CORE_LOG_LEVEL=4 CFG_CORE_SEL1_SPMC=y ', d)}"