From f7ffa9d7769734de5a8a317d0b1baa60c22dee5e Mon Sep 17 00:00:00 2001 From: Joakim Bech <joakim.bech@linaro.org> Date: Fri, 1 Feb 2019 12:48:05 +0100 Subject: [PATCH] Move creation of /data etc. from optee_client.mk to S30optee For some reason Raspberry Pi 3 with NFS root doesn't allow tee-supplicant to create a working folder for user 'tee' under the /data folder. We have found a workaround which is to create the /data hierarchy and set its permissions in S30optee rather than in the root fs definition in optee_client.mk. Fixes: https://github.com/OP-TEE/optee_os/issues/2773 Signed-off-by: Joakim Bech <joakim.bech@linaro.org> Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3, RPi3+NFS) Acked-by: Jerome Forissier <jerome.forissier@linaro.org> --- br-ext/package/optee_client/S30optee | 4 ++++ br-ext/package/optee_client/optee_client.mk | 5 ----- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/br-ext/package/optee_client/S30optee b/br-ext/package/optee_client/S30optee index df6129f..7f7afca 100755 --- a/br-ext/package/optee_client/S30optee +++ b/br-ext/package/optee_client/S30optee @@ -19,6 +19,10 @@ case "$1" in chown root:ion /dev/ion && chmod 0660 /dev/ion [ $? = 0 ] && echo "OK" || echo "FAIL" fi + printf "Create and set permissions on /data... " + mkdir -p /data/tee && chown -R tee:tee /data/tee && \ + chmod 0770 /data/tee + [ $? = 0 ] && echo "OK" || echo "FAIL" printf "Starting tee-supplicant... " su tee -c '/usr/sbin/tee-supplicant -d' [ $? = 0 ] && echo "OK" || echo "FAIL" diff --git a/br-ext/package/optee_client/optee_client.mk b/br-ext/package/optee_client/optee_client.mk index 18dd799..9b0b01e 100644 --- a/br-ext/package/optee_client/optee_client.mk +++ b/br-ext/package/optee_client/optee_client.mk @@ -28,9 +28,4 @@ define OPTEE_CLIENT_USERS test -1 test -1 - - /bin/sh teeclnt,ion Test user, may run TEE client applications endef -define OPTEE_CLIENT_PERMISSIONS - /data d 755 root root - - - - - - /data/tee d 770 tee tee - - - - - -endef - $(eval $(cmake-package)) -- GitLab