Re: [ptxdist] [PATCH 3/5] optee: add the OP-TEE as new target package

mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed

From: Rouven Czerwinski <rouven@czerwinskis.de>
To: ptxdist@pengutronix.de
Subject: Re: [ptxdist] [PATCH 3/5] optee: add the OP-TEE as new target package
Date: Mon, 04 Feb 2019 15:26:15 +0100	[thread overview]
Message-ID: <87ftt3d3zs.fsf@czerwinskis.de> (raw)
In-Reply-To: <20190204140345.b5xqd6jnua7wuc7e@pengutronix.de>


Michael Olbrich <m.olbrich@pengutronix.de> writes:

> On Mon, Feb 04, 2019 at 10:56:00AM +0100, Rouven Czerwinski wrote:
>> Provide two KConfig files to allow inclusion of OP-TEE for userspace libraries
>> and applications.
>> 
>> Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
>> ---
>>  platforms/optee.in |  54 ++++++++++++++++++++++-
>>  rules/optee.in     |   7 +++-
>>  rules/optee.make   | 113 ++++++++++++++++++++++++++++++++++++++++++++++-
>>  3 files changed, 174 insertions(+)
>>  create mode 100644 platforms/optee.in
>>  create mode 100644 rules/optee.in
>>  create mode 100644 rules/optee.make
>> 
>> diff --git a/platforms/optee.in b/platforms/optee.in
>> new file mode 100644
>> index 0000000..b750774
>> --- /dev/null
>> +++ b/platforms/optee.in
>> @@ -0,0 +1,54 @@
>> +## SECTION=bootloader
>> +
>> +menuconfig OPTEE
>> +	select BOOTLOADER
>> +	prompt "OPTEE"
>
> Spaces.
>
> And "OP-TEE" or "optee" I think.
I think it should be OP-TEE.

>> +	bool
>> +	help
>> +	  OP-TEE is an open source project which contains a full implementation
>> +	  to make up a complete Trusted Execution Environment. The project has
>> +	  roots in a proprietary solution, initially created by ST-Ericsson and
>> +	  then owned and maintained by STMicroelectronics. In 2014, Linaro
>> +	  started working with STMicroelectronics to transform the proprietary
>> +	  TEE solution into an open source TEE solution instead.
>> +
>> +if OPTEE
>> +
>> +config OPTEE_VERSION
>> +	string
>> +	prompt "OPTEE version"
>> +	help
>> +	  Enter the OPTEE version you want to build. Usally something like
>> +	  "3.1.0"
>
> Why is this needed?

It's not needed and should be configured in the makefile.
I will remove the Kconfig entry, otherwise the different packages could
get incompatible anyway.

>> +
>> +config OPTEE_MD5
>> +	string
>> +	prompt "OPTEE source md5"
>> +
>> +config OPTEE_PLATFORM
>> +	string
>> +	prompt "OPTEE Platform"
>> +	help
>> +	  Platform to use for OP-TEE.
>> +	  i.e. imx for the NXP imx platform or vexpress for versatile express
>> +	  platforms.
>> +
>> +config OPTEE_PLATFORM_FLAVOUR
>> +	string
>> +	prompt "OPTEE Platform Flavour"
>> +	help
>> +	  Platform Flavour for the selected platform, i.e. mx6qsabresd for the
>> +	  imx platform.
>> +
>> +config OPTEE_CFG
>> +	string
>> +	prompt "OP-TEE CFG Flags"
>> +	help
>> +	  Refer to the following file for the CFG_FLAGS:
>> +	  https://github.com/OP-TEE/optee_os/blob/master/mk/config.mk
>> +
>> +config OPTEE_IMAGES
>> +	bool
>> +	prompt "copy optee to images directory"
>
> Why is this optional?

I will remove the KConfig option.
>
>> +
>> +endif
>> diff --git a/rules/optee.in b/rules/optee.in
>> new file mode 100644
>> index 0000000..77f112f
>> --- /dev/null
>> +++ b/rules/optee.in
>> @@ -0,0 +1,7 @@
>> +## SECTION=security
>> +
>> +menuconfig OPTEE
>> +	prompt "OP-TEE"
>
> Spaces.
will fix.

>
>> +	bool
>> +	help
>> +	  OP-TEE Secure Operating System
>> diff --git a/rules/optee.make b/rules/optee.make
>> new file mode 100644
>> index 0000000..2865c92
>> --- /dev/null
>> +++ b/rules/optee.make
>> @@ -0,0 +1,113 @@
>> +# -*-makefile-*-
>> +#
>> +# Copyright (C) 2018 by Rouven Czerwinski <rouven@czerwinskis.de>
>> +#
>> +# See CREDITS for details about who has contributed to this project.
>> +#
>> +# For further information about the PTXdist project and license conditions
>> +# see the README file.
>> +#
>> +
>> +#
>> +# We provide this package
>> +#
>> +ifdef PTXCONF_ARCH_ARM64
>> +ifneq ($(shell test -h $(PTXDIST_WORKSPACE)/selected_toolchain_optee_aarch32 && echo ok),ok)
>> +    $(warning *** selected_toolchain_optee_aarch32 must point to a valid optee_aarch32 toolchain)
>> +    $(error )
>
> Just $(error ). warning+error only make sense for multiple lines.
>
>> +endif
>> +ifneq ($(shell test -x $(PTXDIST_WORKSPACE)/selected_toolchain_optee_aarch32/$(PTXCONF_OPTEE_AARCH32_CC_PREFIX)gcc && echo ok),ok)
>> +    $(warning *** $(PTXDIST_WORKSPACE)/selected_toolchain_optee_aarch32/$(PTXCONF_OPTEE_AARCH32_CC_PREFIX)gcc not found)
>> +    $(error )
>> +endif
>> +endif
>
> And why do we need the extra toolchain anyways?
Due to OP-TEEs build system, see
https://github.com/OP-TEE/optee_website/tree/master/build_system#cross_compile-cross-compiler-selection

>> +
>> +PACKAGES-$(PTXCONF_OPTEE) += optee
>> +
>> +#
>> +# Paths and names
>> +#
>> +OPTEE_VERSION	:= $(call remove_quotes,$(PTXCONF_OPTEE_VERSION))
>> +OPTEE_MD5	:= $(call remove_quotes,$(PTXCONF_OPTEE_MD5))
>> +OPTEE		:= optee-$(OPTEE_VERSION)
>> +OPTEE_SUFFIX	:= tar.gz
>> +OPTEE_URL	:= https://github.com/OP-TEE/optee_os/archive/$(OPTEE_VERSION).$(OPTEE_SUFFIX)
>> +OPTEE_SOURCE	:= $(SRCDIR)/$(OPTEE).$(OPTEE_SUFFIX)
>> +OPTEE_DIR	:= $(BUILDDIR)/$(OPTEE)
>> +OPTEE_LICENSE	:= BSD-2-Clause AND BSD-3-Clause
>> +
>> +# ----------------------------------------------------------------------------
>> +# Prepare
>> +# ----------------------------------------------------------------------------
>> +
>> +OPTEE_WRAPPER_BLACKLIST := \
>> +	TARGET_HARDEN_RELRO \
>> +	TARGET_HARDEN_BINDNOW \
>> +	TARGET_HARDEN_PIE \
>> +	TARGET_DEBUG \
>> +	TARGET_BUILD_ID
>> +
>> +OPTEE_CONF_TOOL := NO
>> +
>> +$(STATEDIR)/optee.prepare:
>> +	@$(call targetinfo)
>> +	@$(call touch)
>
> This is the sam as conf_tool = no
I will remove the prepare statements.

>
>> +
>> +
>> +# ----------------------------------------------------------------------------
>> +# Compile
>> +# ----------------------------------------------------------------------------
>> +
>> +ifdef PTXCONF_ARCH_ARM64
>> +OPTEE_CROSS_COMPILE32= $(PTXDIST_WORKSPACE)/selected_toolchain_optee_aarch32/$(call remove_quotes,$(PTXCONF_OPTEE_AARCH32_CC_PREFIX))
>> +OPTEE_MAKE_ENV += CROSS_COMPILE32=$(OPTEE_CROSS_COMPILE32)
>> +OPTEE_MAKE_OPT += CFG_ARM64_core=y
>> +OPTEE_MAKE_ENV += CROSS_COMPILE64=$(call remove_quotes,$(PTXCONF_COMPILER_PREFIX))
>> +endif
>> +
>> +OPTEE_MAKE_OPT += PLATFORM=$(call remove_quotes,$(PTXCONF_OPTEE_PLATFORM))-$(call remove_quotes,$(PTXCONF_OPTEE_PLATFORM_FLAVOUR))
>> +OPTEE_MAKE_OPT += $(call remove_quotes,$(PTXCONF_OPTEE_CFG))
>> +
>> +$(STATEDIR)/optee.compile:
>> +	@$(call targetinfo)
>> +	@$(call world/compile, OPTEE)
>> +	@$(call touch)
>
> This is the default.

Will remove as well.
>
>> +
>> +# ----------------------------------------------------------------------------
>> +# Install
>> +# ----------------------------------------------------------------------------
>> +ifdef PTXCONF_ARCH_ARM64
>> +OPTEE_LIB_DIR = export-ta_arm64
>> +else
>> +OPTEE_LIB_DIR = export-ta_arm32
>> +endif
>> +
>> +OPTEE_OUT_DIR        := \
>> +    $(OPTEE_DIR)/out/arm-plat-$(PTXCONF_OPTEE_PLATFORM)
>> +
>> +$(STATEDIR)/optee.install:
>> +	@$(call targetinfo)
>> +	@rm -rf $(OPTEES_PKGDIR)
>> +	@install -d -m755 $(OPTEE_PKGDIR)/usr/lib/optee-os
>> +	@cp -av $(OPTEE_OUT_DIR)/$(OPTEE_LIB_DIR)/* $(OPTEE_PKGDIR)/usr/lib/optee-os
>> +ifdef PTXCONF_OPTEE_IMAGES
>> +	@install -D -m644 $(OPTEE_OUT_DIR)/core/tee.bin $(IMAGEDIR)/tee.bin
>> +	@install -D -m644 $(OPTEE_OUT_DIR)/core/tee-header_v2.bin $(IMAGEDIR)/tee-header_v2.bin
>> +	@install -D -m644 $(OPTEE_OUT_DIR)/core/tee-pager_v2.bin $(IMAGEDIR)/tee-pager_v2.bin
>> +	@install -D -m644 $(OPTEE_OUT_DIR)/core/tee-pageable_v2.bin $(IMAGEDIR)/tee-pageable_v2.bin
>> +	@install -D -m644 $(OPTEE_OUT_DIR)/core/tee.elf $(IMAGEDIR)/tee.elf
>
> Also add '-v'.
>
> make this a list and loop with foreach.

will fix.
>
>> +endif
>> +	@$(call touch)
>> +
>> +# ----------------------------------------------------------------------------
>> +# Clean
>> +# ----------------------------------------------------------------------------
>> +
>> +$(STATEDIR)/optee.clean:
>> +	@$(call targetinfo)
>> +	@rm -f $(IMAGEDIR)/tee.bin $(IMAGEDIR)/tee-header_v2.bin
>> +	@rm -f $(IMAGEDIR)/tee-pager_v2.bin $(IMAGEDIR)/tee-pageable_v2.bin
>> +	@rm -f $(IMAGEDIR)/tee-pager_v2.bin $(IMAGEDIR)/tee.elf
>
> and reuse it here.

Yes.
>
> mol
>
>> +	@$(call clean_pkg, OPTEE)
>> +
>> +# vim: syntax=make
>> -- 
>> git-series 0.9.1
>> 
>> _______________________________________________
>> ptxdist mailing list
>> ptxdist@pengutronix.de


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de

next prev parent reply	other threads:[~2019-02-04 14:26 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-02-04  9:55 [ptxdist] [PATCH 0/5] Support for OP-TEE (Open Portable Trusted Execution Environment) Rouven Czerwinski
2019-02-04  9:55 ` [ptxdist] [PATCH 1/5] optee-client: bump to 3.4.0 Rouven Czerwinski
2019-02-04  9:55 ` [ptxdist] [PATCH 2/5] optee-client: add tee-supplicant service file Rouven Czerwinski
2019-02-04 13:22   ` Michael Olbrich
2019-02-04 14:28     ` Rouven Czerwinski
2019-02-04  9:56 ` [ptxdist] [PATCH 3/5] optee: add the OP-TEE as new target package Rouven Czerwinski
2019-02-04 14:03   ` Michael Olbrich
2019-02-04 14:26     ` Rouven Czerwinski [this message]
2019-02-04 14:51       ` Michael Olbrich
2019-02-04  9:56 ` [ptxdist] [PATCH 4/5] optee_test: add new optee_test " Rouven Czerwinski
2019-02-04 14:43   ` Michael Olbrich
2019-02-04  9:56 ` [ptxdist] [PATCH 5/5] optee_examples: add as new " Rouven Czerwinski
2019-02-04 14:54   ` Michael Olbrich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87ftt3d3zs.fsf@czerwinskis.de \
    --to=rouven@czerwinskis.de \
    --cc=ptxdist@pengutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox