From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 13 Feb 2026 11:03:03 +0100 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vqq0s-001DEY-2M for lore@lore.pengutronix.de; Fri, 13 Feb 2026 11:03:03 +0100 Received: from [127.0.0.1] (helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1vqq0t-0000rq-9P; Fri, 13 Feb 2026 11:03:03 +0100 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1vqq0j-0000gW-7e; Fri, 13 Feb 2026 11:02:53 +0100 Received: from dude05.red.stw.pengutronix.de ([2a0a:edc0:0:1101:1d::54]) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vqq0h-000YeP-2H; Fri, 13 Feb 2026 11:02:53 +0100 Received: from mol by dude05.red.stw.pengutronix.de with local (Exim 4.98.2) (envelope-from ) id 1vqq0j-0000000Bghy-00lq; Fri, 13 Feb 2026 11:02:53 +0100 From: Michael Olbrich To: ptxdist@pengutronix.de Date: Fri, 13 Feb 2026 11:02:52 +0100 Message-ID: <20260213100252.2785771-1-m.olbrich@pengutronix.de> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20260127152906.3381524-1-m.tretter@pengutronix.de> References: <20260127152906.3381524-1-m.tretter@pengutronix.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: Re: [ptxdist] [APPLIED] optee: version bump 4.8.0 -> 4.9.0 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: Michael Tretter Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false Thanks, applied as cb12e6912d0519a2aace100525130f277e23db85. Michael [sent from post-receive hook] On Fri, 13 Feb 2026 11:02:52 +0100, Michael Tretter wrote: > optee-client: > > - Drop the patches, since they are included in 4.9.0. > > - Add CFG_UDEV_RULESPREFIX with default setting. > > Signed-off-by: Michael Tretter > Message-Id: <20260127152906.3381524-1-m.tretter@pengutronix.de> > Signed-off-by: Michael Olbrich > > diff --git a/patches/optee-client-4.8.0/0001-tee-supplicant-add-missing-rule-for-the-mmcblk-0-9-r.patch b/patches/optee-client-4.8.0/0001-tee-supplicant-add-missing-rule-for-the-mmcblk-0-9-r.patch > deleted file mode 100644 > index c25abac9403d..000000000000 > --- a/patches/optee-client-4.8.0/0001-tee-supplicant-add-missing-rule-for-the-mmcblk-0-9-r.patch > +++ /dev/null > @@ -1,30 +0,0 @@ > -From: Marco Felsch > -Date: Sat, 8 Nov 2025 02:21:18 +0100 > -Subject: [PATCH] tee-supplicant: add missing rule for the mmcblk[0-9]rpmb > - group > - > -Fix rootless tee-supplicant handling for RPMB use-case. The RPMB > -communcation fails badly if the in-kernel RPMB handling was not enabled > -and the rootless tee-supplicant is used because the default group for > -the /dev/mmcblk[0-9]rpmb is 'root'. > - > -Set the group to same group used for /dev/teepriv[0-9] to fix this and > -to allow rootless tee-supplicant usage with legacy user-space RPMB > -handling. > - > -Signed-off-by: Marco Felsch > ---- > - tee-supplicant/optee-udev.rules.in | 3 +++ > - 1 file changed, 3 insertions(+) > - > -diff --git a/tee-supplicant/optee-udev.rules.in b/tee-supplicant/optee-udev.rules.in > -index 275e83388efd..e28fb40c4040 100644 > ---- a/tee-supplicant/optee-udev.rules.in > -+++ b/tee-supplicant/optee-udev.rules.in > -@@ -5,3 +5,6 @@ KERNEL=="tee[0-9]*", MODE="0660", OWNER="root", GROUP="@CFG_TEE_GROUP@", TAG+="s > - # tee-supplicant.service with the device name as parameter > - KERNEL=="teepriv[0-9]*", MODE="0660", OWNER="root", GROUP="@CFG_TEEPRIV_GROUP@", \ > - TAG+="systemd", ENV{SYSTEMD_WANTS}+="tee-supplicant@%k.service" > -+ > -+ACTION=="add", SUBSYSTEM=="mmc_rpmb", KERNEL=="mmcblk[0-9]rpmb", \ > -+ GROUP="@CFG_TEEPRIV_GROUP@" > diff --git a/patches/optee-client-4.8.0/0002-tee-supplicant-add-device-instance-as-start-paramete.patch b/patches/optee-client-4.8.0/0002-tee-supplicant-add-device-instance-as-start-paramete.patch > deleted file mode 100644 > index 6dfc293295a9..000000000000 > --- a/patches/optee-client-4.8.0/0002-tee-supplicant-add-device-instance-as-start-paramete.patch > +++ /dev/null > @@ -1,32 +0,0 @@ > -From: Holger Assmann > -Date: Mon, 1 Dec 2025 10:35:22 +0100 > -Subject: [PATCH] tee-supplicant: add device instance as start parameter for > - service file > - > -tee-supplicant requires a device name as a positional argument. This can > -not be provided via $OPTARGS from the EnvironmentFile, since that > -variable does not account for the service file being a template where > -instance-specific services (i.e. @teepriv0, @teepriv1, ...) are derived > -from. > - > -Therefore, the device instance used for each templated systemd service > -needs to be included directly in the ExecStart line. > - > -Signed-off-by: Holger Assmann > -Acked-by: Jerome Forissier > ---- > - tee-supplicant/tee-supplicant@.service.in | 2 +- > - 1 file changed, 1 insertion(+), 1 deletion(-) > - > -diff --git a/tee-supplicant/tee-supplicant@.service.in b/tee-supplicant/tee-supplicant@.service.in > -index e53a9357f01f..7e10e1d753a4 100644 > ---- a/tee-supplicant/tee-supplicant@.service.in > -+++ b/tee-supplicant/tee-supplicant@.service.in > -@@ -12,6 +12,6 @@ Type=notify > - User=@CFG_TEE_SUPPL_USER@ > - Group=@CFG_TEE_SUPPL_GROUP@ > - EnvironmentFile=-@CMAKE_INSTALL_SYSCONFDIR@/default/tee-supplicant > --ExecStart=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_SBINDIR@/tee-supplicant $OPTARGS > -+ExecStart=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_SBINDIR@/tee-supplicant $OPTARGS /dev/%I > - # Workaround for fTPM TA: stop kernel module before tee-supplicant > - ExecStop=-/bin/sh -c "/sbin/modprobe -v -r tpm_ftpm_tee ; /bin/kill $MAINPID" > diff --git a/patches/optee-client-4.8.0/0003-tee-supplicant-add-priority-prefix-for-udev-rule.patch b/patches/optee-client-4.8.0/0003-tee-supplicant-add-priority-prefix-for-udev-rule.patch > deleted file mode 100644 > index 3359d2db7467..000000000000 > --- a/patches/optee-client-4.8.0/0003-tee-supplicant-add-priority-prefix-for-udev-rule.patch > +++ /dev/null > @@ -1,45 +0,0 @@ > -From: Holger Assmann > -Date: Mon, 1 Dec 2025 09:31:12 +0100 > -Subject: [PATCH] tee-supplicant: add priority prefix for udev rule > - > -The manpage of udev states that "All rule files are read in lexical > -order." This coincides with the established convention of assigning a > -two-digit priority prefix in front of the respective rule file name. > - > -In case of "optee-udev.rules", we are currently missing that prefix. > -When looking for context, it seems suitable to choose a priority in the > -realm of the already existing "60-tpm-udev.rules", since that serves a > -similar purpose like the rule for optee-client. > - > -This commit hence changes the installed rule file name to > -"60-optee-udev.rules", with "60-" being a configurable default value. > - > -Signed-off-by: Holger Assmann > -Acked-by: Jerome Forissier > ---- > - tee-supplicant/CMakeLists.txt | 7 ++++--- > - 1 file changed, 4 insertions(+), 3 deletions(-) > - > -diff --git a/tee-supplicant/CMakeLists.txt b/tee-supplicant/CMakeLists.txt > -index b47d4e377e98..5a8b387f9a7d 100644 > ---- a/tee-supplicant/CMakeLists.txt > -+++ b/tee-supplicant/CMakeLists.txt > -@@ -18,6 +18,7 @@ set(CFG_TEE_FS_PARENT_PATH "${CMAKE_INSTALL_LOCALSTATEDIR}/lib/tee" CACHE STRING > - # FIXME: Why do we have if defined(CFG_GP_SOCKETS) && CFG_GP_SOCKETS == 1 in the c-file? > - set(CFG_GP_SOCKETS "1" CACHE STRING "Enable GlobalPlatform Socket API support") > - set(CFG_TEE_PLUGIN_LOAD_PATH "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}/${PROJECT_NAME}/plugins/" CACHE STRING "tee-supplicant's plugins path") > -+set(CFG_UDEV_RULESPREFIX "60-" CACHE STRING "Priority prefix for udev rule") > - > - set(CFG_TEE_GROUP "tee" CACHE STRING "Group which has access to /dev/tee* devices") > - set(CFG_TEEPRIV_GROUP "teepriv" CACHE STRING "Group which has access to /dev/teepriv* devices") > -@@ -150,6 +151,6 @@ if (CFG_ENABLE_SYSTEMD) > - install(FILES ${CMAKE_BINARY_DIR}/${PROJECT_NAME}/tee-supplicant@.service DESTINATION ${SYSTEMD_UNIT_DIR}) > - endif() > - if (CFG_ENABLE_UDEV) > -- configure_file(optee-udev.rules.in optee-udev.rules @ONLY) > -- install(FILES ${CMAKE_BINARY_DIR}/${PROJECT_NAME}/optee-udev.rules DESTINATION ${UDEV_UDEV_DIR}) > --endif() > -\ No newline at end of file > -+ configure_file(optee-udev.rules.in ${CFG_UDEV_RULESPREFIX}optee-udev.rules @ONLY) > -+ install(FILES ${CMAKE_BINARY_DIR}/${PROJECT_NAME}/${CFG_UDEV_RULESPREFIX}optee-udev.rules DESTINATION ${UDEV_UDEV_DIR}) > -+endif() > diff --git a/patches/optee-client-4.8.0/series b/patches/optee-client-4.8.0/series > deleted file mode 100644 > index 8a0a2fbb5c9d..000000000000 > --- a/patches/optee-client-4.8.0/series > +++ /dev/null > @@ -1,6 +0,0 @@ > -# generated by git-ptx-patches > -#tag:base --start-number 1 > -0001-tee-supplicant-add-missing-rule-for-the-mmcblk-0-9-r.patch > -0002-tee-supplicant-add-device-instance-as-start-paramete.patch > -0003-tee-supplicant-add-priority-prefix-for-udev-rule.patch > -# eb1647eb8fde26a3ed3fb30aa6c42307 - git-ptx-patches magic > diff --git a/rules/optee-client.make b/rules/optee-client.make > index 32f1e425ccbc..1d0dea0340a1 100644 > --- a/rules/optee-client.make > +++ b/rules/optee-client.make > @@ -14,8 +14,8 @@ PACKAGES-$(PTXCONF_OPTEE_CLIENT) += optee-client > # > # Paths and names > # > -OPTEE_CLIENT_VERSION := 4.8.0 > -OPTEE_CLIENT_MD5 := bde72d8c86946a7db8d4ee430c6b360a > +OPTEE_CLIENT_VERSION := 4.9.0 > +OPTEE_CLIENT_MD5 := 6af32763e18dd5efe0b5edc1f88c6060 > OPTEE_CLIENT := optee-client-$(OPTEE_CLIENT_VERSION) > OPTEE_CLIENT_SUFFIX := tar.gz > OPTEE_CLIENT_URL := https://github.com/OP-TEE/optee_client/archive/$(OPTEE_CLIENT_VERSION).$(OPTEE_CLIENT_SUFFIX) > @@ -49,6 +49,7 @@ OPTEE_CLIENT_CONF_OPT := \ > -DCFG_TEE_SUPPL_USER=teesuppl \ > -DCFG_TEE_SUPP_LOG_LEVEL=1 \ > -DCFG_TEE_SUPP_PLUGINS=$(call ptx/onoff, PTXCONF_OPTEE_CLIENT_SUPPLICANT_PLUGINS) \ > + -DCFG_UDEV_RULESPREFIX=60- \ > -DCFG_USE_PKGCONFIG=OFF \ > -DCFG_WERROR=ON \ > -DRPMB_EMU=$(call ptx/onoff, PTXCONF_OPTEE_CLIENT_SUPPLICANT_RPMB_EMULATION) \ > diff --git a/rules/optee-examples.make b/rules/optee-examples.make > index 7b930dd834ea..3b19af190672 100644 > --- a/rules/optee-examples.make > +++ b/rules/optee-examples.make > @@ -16,8 +16,8 @@ endif > # > # Paths and names > # > -OPTEE_EXAMPLES_VERSION := 4.8.0 > -OPTEE_EXAMPLES_MD5 := f7e5b0c1293481383f6afb3b317413be > +OPTEE_EXAMPLES_VERSION := 4.9.0 > +OPTEE_EXAMPLES_MD5 := dcdca94cf42436c658275248449a38e9 > OPTEE_EXAMPLES := optee-examples-$(OPTEE_EXAMPLES_VERSION) > OPTEE_EXAMPLES_SUFFIX := tar.gz > OPTEE_EXAMPLES_URL := https://github.com/linaro-swg/optee_examples/archive/$(OPTEE_EXAMPLES_VERSION).$(OPTEE_EXAMPLES_SUFFIX) > diff --git a/rules/optee-test.make b/rules/optee-test.make > index 8dd8e8b598c9..31c56d1827a7 100644 > --- a/rules/optee-test.make > +++ b/rules/optee-test.make > @@ -16,8 +16,8 @@ endif > # > # Paths and names > # > -OPTEE_TEST_VERSION := 4.8.0 > -OPTEE_TEST_MD5 := 331d2a0019aae3bb31efecd9ad4e61f2 > +OPTEE_TEST_VERSION := 4.9.0 > +OPTEE_TEST_MD5 := 26d61e487d97abd71952c50075f84c32 > OPTEE_TEST := optee-test-$(OPTEE_TEST_VERSION) > OPTEE_TEST_SUFFIX := tar.gz > OPTEE_TEST_URL := https://github.com/OP-TEE/optee_test/archive/$(OPTEE_TEST_VERSION).$(OPTEE_TEST_SUFFIX) > diff --git a/rules/optee.make b/rules/optee.make > index f1ff83765d17..29b47e09fe8c 100644 > --- a/rules/optee.make > +++ b/rules/optee.make > @@ -16,8 +16,8 @@ endif > # > # Paths and names > # > -OPTEE_VERSION := 4.8.0 > -OPTEE_MD5 := ada772c4d9cb8ee977d1b6962f91e167 > +OPTEE_VERSION := 4.9.0 > +OPTEE_MD5 := 1ead0817586f996ed1ee15785af33b67 > OPTEE := optee-$(OPTEE_VERSION) > OPTEE_SUFFIX := tar.gz > OPTEE_URL := https://github.com/OP-TEE/optee_os/archive/$(OPTEE_VERSION).$(OPTEE_SUFFIX)