- Jun 05, 2020
-
-
Etienne Carriere authored
Build OP-TEE for STM32MP1 based platforms. Currently supports platforms STM32MP157A-DK1, STM32MP157C-DK2 and STM32MP157C-EV1 using a SDcard as boot media. Default build targets board STM32MP157C-DK2: # make One can specify a target board with PLATFORM configuration switch: # make PLATFORM=stm32mp1-157A_DK1 # make PLATFORM=stm32mp1-157C_DK2 # make PLATFORM=stm32mp1-157C_EV1 Refer to br-ext/board/stmicroelectronics/stm32mp1-tz/readme.txt for mode information. TF-A, OP-TEE OS, U-Boot and Linux kernel are built outside Builrdoot. All other embedded components are built through Buildroot. Buildroot generates the final SDcard binary image file to be loaded raw in the target SD card. The image includes a GPT partition table. See br-ext/board/stmicroelectronics/stm32mp1-tz/genimage-*.cfg for more details. Note on U-Boot defconfig: from v2019.10 up to v2020.07-rc2, one shall use stm32mp15_optee_defconfig. From v2020-rc3 onward, one shall use stm32mp15_trusted_defconfig. For flexibility, stm32mp1.mk supports both. Signed-off-by:
Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by:
Joakim Bech <joakim.bech@linaro.org>
-
- May 29, 2020
-
-
Etienne Carriere authored
Change packages to default define a _SITE configuration as expected when _SITE_METHOD is defined. This change aligns OP-TEE client/examples/test_ext packages with OP-TEE os_ext/benchmark_ext packages regarding this _SITE_METHOD/_SITE management. Signed-off-by:
Jens Wiklander <jens.wiklander@linaro.org>
-
Etienne Carriere authored
Rename OP-TEE packages in br-ext with a _ext suffix so that they do not conflict with the OP-TEE packages from Buildroot. This change essentially renames Buildroot configuration switches BR2_OPTEE_* to BR2_OPTEE_*_EXT_* without changing the current build process. This change is needed for OP-TEE build environment to synchronize with Buildroot GIT version [1] or later in the Buildroot integration tree. [1] points where OP-TEE packages were introduced in Buildroot, right after 2019.02 is released. This was tested with all Buildroot release tags from 2018.11 to 2020.02, and recent 2020.05-rc1. Link: [1] https://git.buildroot.net/buildroot/commit/?id=da49312af9e0c3e7f6df50e7d6f77e1fa2921b7a Signed-off-by:
-
- Feb 25, 2020
-
-
Jerome Forissier authored
If an error occurs when building a TA, the error does not stop the build. It may therefore go unnoticed if files have been generated previously. This patch adds "set -e" to address this issue. Signed-off-by:
Jerome Forissier <jerome@forissier.org> Reviewed-by:
-
- Oct 10, 2019
-
-
Markus S. Wamser authored
Depending on the size of the string in the variable TARGET_CONFIGURE_OPTS and number of examples, the size of the string in OPTEE_EXAMPLES_BUILD_TAS produced by evaluation of the $(foreach...) statement may exceed the maximum length for execvp() calls from make (128KiB). Delaying the enumeration of targets by passing a loop-statement for the shell expands the variables only once and keep the length of the string independent of the number of examples. Signed-off-by:
Markus S. Wamser <markus.wamser@mixed-mode.de> Acked-by:
-
Markus S. Wamser authored
Depending on the size of the string in the variable TARGET_CONFIGURE_OPTS and number of tests, the size of the string in OPTEE_TEST_BUILD_TAS produced by evaluation of the $(foreach...) statement may exceed the maximum length for execvp() calls from make (128KiB). Delaying the enumeration of targets by passing a loop-statement for the shell expands the variables only once and keep the length of the string independent of the number of tests. Signed-off-by:
-
- Oct 07, 2019
-
-
Jerome Forissier authored
Adds the required flags and configuration files to enable Wi-Fi on the HiKey960 board. The network name and password have to be set in br-ext/board/hikey960/overlay/etc/wpa_supplicant.conf before building. Then Wi-Fi can be enabled on the board by running 'ifup wlan0' as root. Signed-off-by:
-
- Aug 07, 2019
-
-
Victor Chong authored
Fix typo for setting CFG_TEE_BENCHMARK in OPTEE_CLIENT_CONF_OPTS. Fixes: 93758cc1 ("buildroot: provide CFG_TEE_BENCHMARK in optee_client") Signed-off-by:
Victor Chong <victor.chong@linaro.org> Acked-by:
Jerome Forissier <jerome.forissier@linaro.org>
-
- May 23, 2019
-
-
Joakim Bech authored
The BR2_KERNEL_HEADERS_4_10 has been depracted, so when trying to build with GDBSERVER=y we got this warning: Makefile.legacy:9: *** "You have legacy configuration in your .config! Please check your configuration.". Stop. To better match recent toolchain updates in this git (gcc updates and kernel header updates, commit e0298161), we also update buildroot to use and provide a GCC8.x based toolchain as well as 4.19 kernel headers. Signed-off-by:
-
- May 18, 2019
-
-
Joakim Bech authored
In the GCC v8.2-2018.08 toolchain (previous default in OP-TEE) the GDB/TUI mode was disabled, which made debugging using GDB slightly more complicated. However, in more recent versions of GCC like the one introduced here, i.e., GCC8.3-2019.03, Arm have re-enabled the TUI mode. But to be able to upgrade the toolchain, one must also step up kernel headers so that the toolchain matches the kernel headers used by Buildroot. This means that we are stepping up from 4.18 kernel headers to 4.19 kernel headers, which seems to be compatible with the version of GCC that is being introduced in this patch. Note that after this commit, older GCC versions will not work any longer when building full OP-TEE developer setups using OP-TEE's manifest.git and build.git, i.e., trying to run GCC8.2 for example will give a kernel header mismatch error. Fixes #334. Signed-off-by:
-
- May 13, 2019
-
-
Jerome Forissier authored
Similar fix to commit 106b53a2 ("buildroot: always declare BR2_PACKAGE_OPTEE_BENCHMARK_SITE"). Signed-off-by:
-
- May 06, 2019
-
-
Victor Chong authored
With CFG_TA_TEST_PATH now defaulting to n in optee_client for better security, this needs to be set explicitly to pass xtest 1008. Signed-off-by:
-
- May 02, 2019
-
-
Jerome Forissier authored
Fixes a mistake in the optee_os install step which prevents the libraries from being copied into the root FS staging area. Fixes: 91ebff72 ("buildroot: add optee_os package to copy shared libraries into the root FS") Signed-off-by:
-
- Mar 19, 2019
-
-
Jerome Forissier authored
When OP-TEE is built with CFG_ULIBS_SHARED=y, TA shared libraries are created. They have to be installed into the target root FS in order to be found at runtime. This patch adds a custom package to do just that. Signed-off-by:
-
- Feb 06, 2019
-
-
Etienne Carriere authored
Update script based on the feedback from Buildroot maintainer [1]: > +# /etc/init.d/optee Drop this comment, it is useless, and in fact wrong: the file will not have this name in a Buildroot filesystem. (...) > + if [ -e /usr/sbin/tee-supplicant -a -e /dev/teepriv0 ]; then Drop this test, just start tee-supplicatn. (...) > + echo "Starting tee-supplicant..." > + /usr/sbin/tee-supplicant & Please use start-stop-daemon. See https://patchwork.ozlabs.org/patch/994013/ for the "right" way of writing an init script. This maybe not be best way, if there's one, but it seems more standard to use start-stop-daemon. Moreover the proposed script ensures its return value matches the status of the caller request. [1] http://lists.busybox.net/pipermail/buildroot/2018-December/238354.html Signed-off-by:
-
- Feb 01, 2019
-
-
Joakim Bech authored
For some reason Raspberry Pi 3 with NFS root doesn't allow tee-supplicant to create a working folder for user 'tee' under the /data folder. We have found a workaround which is to create the /data hierarchy and set its permissions in S30optee rather than in the root fs definition in optee_client.mk. Fixes: https://github.com/OP-TEE/optee_os/issues/2773 Signed-off-by:
-
- Jan 14, 2019
-
-
Volodymyr Babchuk authored
Signed-off-by:
Volodymyr Babchuk <vlad.babchuk@gmail.com> Acked-by:
-
Volodymyr Babchuk authored
Function concatenate_files() used mix of tabs and spaces, and python3 was very unhappy about this. Signed-off-by:
-
- Sep 26, 2018
-
-
Jerome Forissier authored
Use Arm's GCC 8.2 toolchains. Signed-off-by:
-
Jerome Forissier authored
Using the current tip of the buildroot upstream branch, we get the following error: build$ make [...] [...]br-ext/package/optee_benchmark/optee_benchmark.mk:8: *** optee_benchmark has local site method, but `OPTEE_BENCHMARK_SITE` is not defined. Stop. The error does not occur if BR2_PACKAGE_OPTEE_BENCHMARK is selected (i.e., "make CFG_TEE_BENCHMARK=y"). It looks like the _SITE variable has to be declared even though the package is not selected for building. Signed-off-by:
-
- Sep 05, 2018
-
-
Jerome Forissier authored
If /dev/ion exists, it should be set up so that the test user can access it. Otherwise, some tests will fail, such as xtest 1014 (Secure Data Path). Similar to what is done for /dev/tee*, this commit configures permissions based on a specific group: ion. Signed-off-by:
-
- Aug 23, 2018
-
-
Jerome Forissier authored
Restrict execution of TEE client applications to members of the teeclnt group. A test user is created and added to this group. Having two groups (tee and teeclnt) allows to better isolate tee-supplicant from the client applications. Signed-off-by:
-
- Aug 22, 2018
-
-
Jerome Forissier authored
Build with GDBSERVER=y to enable remote debugging of Normal World applications. gdbserver is added to the root filesystem. Signed-off-by:
-
- Aug 20, 2018
-
-
Jerome Forissier authored
Create user and group tee/tee and set the proper permissions on /dev/tee* and /data/tee so that tee-supplicant and the client applications may be run as a non-root user. Signed-off-by:
-
Jerome Forissier authored
Init scripts normally print OK or FAIL when they start daemons. Update our tee-supplicant script to do just that. The -d option to tee-supplicant is used so that when the tee-supplicant command returns, we know for sure if initialization went well or not. Signed-off-by:
-
- Aug 09, 2018
-
-
Jerome Forissier authored
Adds the missing startup file to the buildroot-generated filesystem so that networking is available in the VM as claimed by docs/qemu.md. Signed-off-by:
-
- Jul 05, 2018
-
-
Igor Opaniuk authored
Provide proper value to optee_client cmake option CFG_TEE_BENCHMARK Acked-by:
Igor Opaniuk <igor.opaniuk@linaro.org>
-
- Jun 07, 2018
-
-
Volodymyr Babchuk authored
Currently sign.py uses system python to sign TAs. Problem is that buildroot can build own host-python. This python lacks pycrypto, so sign.py fails. This patch adds dependency on host-python-pycrypto, so buildroot will always build python with needed module. Signed-off-by:
-
- May 07, 2018
-
-
Jens Wiklander authored
Adds OpenSSL to root file system allowing xtest to use OpenSSL. Reviewed-by:
-
Jens Wiklander authored
Reviewed-by:
-
Jens Wiklander authored
Reviewed-by:
-
- Mar 14, 2018
-
-
Jens Wiklander authored
Adds support for legacy compiler gcc-linaro-4.9-2015.02-3-x86_64_arm-linux-gnueabihf To compile using this compiler instead on ARMv7 systems supply COMPILE_LEGACY=y to make. Acked-by:
-
- Mar 12, 2018
-
-
Jens Wiklander authored
Adds external packages repository for buildroot containing: * Packing for optee_client, optee_examples, optee_test and optee_benchmark * Configs and a script to assembly defconfigs needed for buildroot Acked-by:
-
