- May 06, 2019
-
-
Victor Chong authored
With CFG_TA_TEST_PATH now defaulting to n in optee_client for better security, this needs to be set explicitly to pass xtest 1008. Signed-off-by:
Victor Chong <victor.chong@linaro.org> Reviewed-by:
Joakim Bech <joakim.bech@linaro.org>
-
- May 02, 2019
-
-
Jerome Forissier authored
Fixes a mistake in the optee_os install step which prevents the libraries from being copied into the root FS staging area. Fixes: 91ebff72 ("buildroot: add optee_os package to copy shared libraries into the root FS") Signed-off-by:
Jerome Forissier <jerome.forissier@linaro.org> Acked-by:
Jens Wiklander <jens.wiklander@linaro.org>
-
- Mar 19, 2019
-
-
Jerome Forissier authored
When OP-TEE is built with CFG_ULIBS_SHARED=y, TA shared libraries are created. They have to be installed into the target root FS in order to be found at runtime. This patch adds a custom package to do just that. Signed-off-by:
Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by:
-
- Feb 06, 2019
-
-
Etienne Carriere authored
Update script based on the feedback from Buildroot maintainer [1]: > +# /etc/init.d/optee Drop this comment, it is useless, and in fact wrong: the file will not have this name in a Buildroot filesystem. (...) > + if [ -e /usr/sbin/tee-supplicant -a -e /dev/teepriv0 ]; then Drop this test, just start tee-supplicatn. (...) > + echo "Starting tee-supplicant..." > + /usr/sbin/tee-supplicant & Please use start-stop-daemon. See https://patchwork.ozlabs.org/patch/994013/ for the "right" way of writing an init script. This maybe not be best way, if there's one, but it seems more standard to use start-stop-daemon. Moreover the proposed script ensures its return value matches the status of the caller request. [1] http://lists.busybox.net/pipermail/buildroot/2018-December/238354.html Signed-off-by:
-
- Feb 01, 2019
-
-
Joakim Bech authored
For some reason Raspberry Pi 3 with NFS root doesn't allow tee-supplicant to create a working folder for user 'tee' under the /data folder. We have found a workaround which is to create the /data hierarchy and set its permissions in S30optee rather than in the root fs definition in optee_client.mk. Fixes: https://github.com/OP-TEE/optee_os/issues/2773 Signed-off-by:
-
- Jan 14, 2019
-
-
Volodymyr Babchuk authored
Signed-off-by:
Volodymyr Babchuk <vlad.babchuk@gmail.com> Acked-by:
-
Volodymyr Babchuk authored
Function concatenate_files() used mix of tabs and spaces, and python3 was very unhappy about this. Signed-off-by:
-
- Sep 26, 2018
-
-
Jerome Forissier authored
Use Arm's GCC 8.2 toolchains. Signed-off-by:
-
Jerome Forissier authored
Using the current tip of the buildroot upstream branch, we get the following error: build$ make [...] [...]br-ext/package/optee_benchmark/optee_benchmark.mk:8: *** optee_benchmark has local site method, but `OPTEE_BENCHMARK_SITE` is not defined. Stop. The error does not occur if BR2_PACKAGE_OPTEE_BENCHMARK is selected (i.e., "make CFG_TEE_BENCHMARK=y"). It looks like the _SITE variable has to be declared even though the package is not selected for building. Signed-off-by:
-
- Sep 05, 2018
-
-
Jerome Forissier authored
If /dev/ion exists, it should be set up so that the test user can access it. Otherwise, some tests will fail, such as xtest 1014 (Secure Data Path). Similar to what is done for /dev/tee*, this commit configures permissions based on a specific group: ion. Signed-off-by:
-
- Aug 23, 2018
-
-
Jerome Forissier authored
Restrict execution of TEE client applications to members of the teeclnt group. A test user is created and added to this group. Having two groups (tee and teeclnt) allows to better isolate tee-supplicant from the client applications. Signed-off-by:
-
- Aug 22, 2018
-
-
Jerome Forissier authored
Build with GDBSERVER=y to enable remote debugging of Normal World applications. gdbserver is added to the root filesystem. Signed-off-by:
-
- Aug 20, 2018
-
-
Jerome Forissier authored
Create user and group tee/tee and set the proper permissions on /dev/tee* and /data/tee so that tee-supplicant and the client applications may be run as a non-root user. Signed-off-by:
-
Jerome Forissier authored
Init scripts normally print OK or FAIL when they start daemons. Update our tee-supplicant script to do just that. The -d option to tee-supplicant is used so that when the tee-supplicant command returns, we know for sure if initialization went well or not. Signed-off-by:
-
- Aug 09, 2018
-
-
Jerome Forissier authored
Adds the missing startup file to the buildroot-generated filesystem so that networking is available in the VM as claimed by docs/qemu.md. Signed-off-by:
-
- Jul 05, 2018
-
-
Igor Opaniuk authored
Provide proper value to optee_client cmake option CFG_TEE_BENCHMARK Acked-by:
Igor Opaniuk <igor.opaniuk@linaro.org>
-
- Jun 07, 2018
-
-
Volodymyr Babchuk authored
Currently sign.py uses system python to sign TAs. Problem is that buildroot can build own host-python. This python lacks pycrypto, so sign.py fails. This patch adds dependency on host-python-pycrypto, so buildroot will always build python with needed module. Signed-off-by:
-
- May 07, 2018
-
-
Jens Wiklander authored
Adds OpenSSL to root file system allowing xtest to use OpenSSL. Reviewed-by:
-
Jens Wiklander authored
Reviewed-by:
-
Jens Wiklander authored
Reviewed-by:
-
- Mar 14, 2018
-
-
Jens Wiklander authored
Adds support for legacy compiler gcc-linaro-4.9-2015.02-3-x86_64_arm-linux-gnueabihf To compile using this compiler instead on ARMv7 systems supply COMPILE_LEGACY=y to make. Acked-by:
-
- Mar 12, 2018
-
-
Jens Wiklander authored
Adds external packages repository for buildroot containing: * Packing for optee_client, optee_examples, optee_test and optee_benchmark * Configs and a script to assembly defconfigs needed for buildroot Acked-by:
-
