| Message ID | 20220219185004.5452-1-rogerq@kernel.org |
|---|---|
| State | Accepted |
| Delegated to: | Simon Glass |
| Headers | show |
| Series | [u-boot,v2] binman: Add support for TEE BL32 | expand |
On Sat, 19 Feb 2022 at 11:50, Roger Quadros <rogerq@kernel.org> wrote: > > Add an entry for OP-TEE Trusted OS 'BL32' payload. > This is required by platforms using Cortex-A cores with TrustZone > technology. > > Signed-off-by: Roger Quadros <rogerq@kernel.org> > --- > Changelog: > v2: > - use 'tee-os' for entry name instead of 'bl32' > - use ${TEE} instead of ${BL32} for environment variable > - Use next available test file number for test device tree > - drop size property from test device node. > > Makefile | 1 + > tools/binman/entries.rst | 13 +++++++++++++ > tools/binman/etype/tee_os.py | 22 ++++++++++++++++++++++ > tools/binman/ftest.py | 7 +++++++ > tools/binman/test/220_tee_os.dts | 14 ++++++++++++++ > 5 files changed, 57 insertions(+) > create mode 100644 tools/binman/etype/tee_os.py > create mode 100644 tools/binman/test/220_tee_os.dts Reviewed-by: Simon Glass <sjg@chromium.org> I will renumber the test file and add missing-blob-help when applying.
On 20/02/2022 00:12, Simon Glass wrote: > On Sat, 19 Feb 2022 at 11:50, Roger Quadros <rogerq@kernel.org> wrote: >> >> Add an entry for OP-TEE Trusted OS 'BL32' payload. >> This is required by platforms using Cortex-A cores with TrustZone >> technology. >> >> Signed-off-by: Roger Quadros <rogerq@kernel.org> >> --- >> Changelog: >> v2: >> - use 'tee-os' for entry name instead of 'bl32' >> - use ${TEE} instead of ${BL32} for environment variable >> - Use next available test file number for test device tree >> - drop size property from test device node. >> >> Makefile | 1 + >> tools/binman/entries.rst | 13 +++++++++++++ >> tools/binman/etype/tee_os.py | 22 ++++++++++++++++++++++ >> tools/binman/ftest.py | 7 +++++++ >> tools/binman/test/220_tee_os.dts | 14 ++++++++++++++ >> 5 files changed, 57 insertions(+) >> create mode 100644 tools/binman/etype/tee_os.py >> create mode 100644 tools/binman/test/220_tee_os.dts > > Reviewed-by: Simon Glass <sjg@chromium.org> > > I will renumber the test file and add missing-blob-help when applying. Thank you Simon :) cheers, -roger
On Sun, 20 Feb 2022 at 08:06, Roger Quadros <rogerq@kernel.org> wrote: > > > On 20/02/2022 00:12, Simon Glass wrote: > > On Sat, 19 Feb 2022 at 11:50, Roger Quadros <rogerq@kernel.org> wrote: > >> > >> Add an entry for OP-TEE Trusted OS 'BL32' payload. > >> This is required by platforms using Cortex-A cores with TrustZone > >> technology. > >> > >> Signed-off-by: Roger Quadros <rogerq@kernel.org> > >> --- > >> Changelog: > >> v2: > >> - use 'tee-os' for entry name instead of 'bl32' > >> - use ${TEE} instead of ${BL32} for environment variable > >> - Use next available test file number for test device tree > >> - drop size property from test device node. > >> > >> Makefile | 1 + > >> tools/binman/entries.rst | 13 +++++++++++++ > >> tools/binman/etype/tee_os.py | 22 ++++++++++++++++++++++ > >> tools/binman/ftest.py | 7 +++++++ > >> tools/binman/test/220_tee_os.dts | 14 ++++++++++++++ > >> 5 files changed, 57 insertions(+) > >> create mode 100644 tools/binman/etype/tee_os.py > >> create mode 100644 tools/binman/test/220_tee_os.dts > > > > Reviewed-by: Simon Glass <sjg@chromium.org> > > > > I will renumber the test file and add missing-blob-help when applying. > > Thank you Simon :) Applied to u-boot/dm, thanks!
diff --git a/Makefile b/Makefile index 184223ec63..0968895fcd 100644 --- a/Makefile +++ b/Makefile @@ -1326,6 +1326,7 @@ cmd_binman = $(srctree)/tools/binman/binman $(if $(BINMAN_DEBUG),-D) \ -I arch/$(ARCH)/dts -a of-list=$(CONFIG_OF_LIST) \ $(foreach f,$(BINMAN_INDIRS),-I $(f)) \ -a atf-bl31-path=${BL31} \ + -a tee-os-path=${TEE} \ -a opensbi-path=${OPENSBI} \ -a default-dt=$(default_dt) \ -a scp-path=$(SCP) \ diff --git a/tools/binman/entries.rst b/tools/binman/entries.rst index c47f7df098..b147223661 100644 --- a/tools/binman/entries.rst +++ b/tools/binman/entries.rst @@ -25,6 +25,19 @@ about ATF. +Entry: tee-os: Entry containing an OP-TEE Trusted OS (TEE) blob +--------------------------------------------------------------- + +Properties / Entry arguments: + - tee-os-path: Filename of file to read into entry. This is typically + called tee-pager.bin + +This entry holds the run-time firmware, typically started by U-Boot SPL. +See the U-Boot README for your architecture or board for how to use it. See +https://github.com/OP-TEE/optee_os for more information about OP-TEE. + + + Entry: atf-fip: ARM Trusted Firmware's Firmware Image Package (FIP) ------------------------------------------------------------------- diff --git a/tools/binman/etype/tee_os.py b/tools/binman/etype/tee_os.py new file mode 100644 index 0000000000..6ce4b672de --- /dev/null +++ b/tools/binman/etype/tee_os.py @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: GPL-2.0+ +# Copyright (C) 2022 Texas Instruments Incorporated - https://www.ti.com/ +# +# Entry-type module for OP-TEE Trusted OS firmware blob +# + +from binman.etype.blob_named_by_arg import Entry_blob_named_by_arg + +class Entry_tee_os(Entry_blob_named_by_arg): + """Entry containing an OP-TEE Trusted OS (TEE) blob + + Properties / Entry arguments: + - tee-os-path: Filename of file to read into entry. This is typically + called tee-pager.bin + + This entry holds the run-time firmware, typically started by U-Boot SPL. + See the U-Boot README for your architecture or board for how to use it. See + https://github.com/OP-TEE/optee_os for more information about OP-TEE. + """ + def __init__(self, section, etype, node): + super().__init__(section, etype, node, 'tee-os') + self.external = True diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py index 5400f76c67..b6057da552 100644 --- a/tools/binman/ftest.py +++ b/tools/binman/ftest.py @@ -81,6 +81,7 @@ FSP_M_DATA = b'fsp_m' FSP_S_DATA = b'fsp_s' FSP_T_DATA = b'fsp_t' ATF_BL31_DATA = b'bl31' +TEE_OS_DATA = b'this is some tee OS data' ATF_BL2U_DATA = b'bl2u' OPENSBI_DATA = b'opensbi' SCP_DATA = b'scp' @@ -185,6 +186,7 @@ class TestFunctional(unittest.TestCase): TestFunctional._MakeInputFile('compress', COMPRESS_DATA) TestFunctional._MakeInputFile('compress_big', COMPRESS_DATA_BIG) TestFunctional._MakeInputFile('bl31.bin', ATF_BL31_DATA) + TestFunctional._MakeInputFile('tee-pager.bin', TEE_OS_DATA) TestFunctional._MakeInputFile('bl2u.bin', ATF_BL2U_DATA) TestFunctional._MakeInputFile('fw_dynamic.bin', OPENSBI_DATA) TestFunctional._MakeInputFile('scp.bin', SCP_DATA) @@ -3877,6 +3879,11 @@ class TestFunctional(unittest.TestCase): data = self._DoReadFile('169_atf_bl31.dts') self.assertEqual(ATF_BL31_DATA, data[:len(ATF_BL31_DATA)]) + def testPackTeeOs(self): + """Test that an image with an TEE binary can be created""" + data = self._DoReadFile('220_tee_os.dts') + self.assertEqual(TEE_OS_DATA, data[:len(TEE_OS_DATA)]) + def testPackScp(self): """Test that an image with an SCP binary can be created""" data = self._DoReadFile('172_scp.dts') diff --git a/tools/binman/test/220_tee_os.dts b/tools/binman/test/220_tee_os.dts new file mode 100644 index 0000000000..6885497294 --- /dev/null +++ b/tools/binman/test/220_tee_os.dts @@ -0,0 +1,14 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + tee-os { + filename = "tee-pager.bin"; + }; + }; +};
Add an entry for OP-TEE Trusted OS 'BL32' payload. This is required by platforms using Cortex-A cores with TrustZone technology. Signed-off-by: Roger Quadros <rogerq@kernel.org> --- Changelog: v2: - use 'tee-os' for entry name instead of 'bl32' - use ${TEE} instead of ${BL32} for environment variable - Use next available test file number for test device tree - drop size property from test device node. Makefile | 1 + tools/binman/entries.rst | 13 +++++++++++++ tools/binman/etype/tee_os.py | 22 ++++++++++++++++++++++ tools/binman/ftest.py | 7 +++++++ tools/binman/test/220_tee_os.dts | 14 ++++++++++++++ 5 files changed, 57 insertions(+) create mode 100644 tools/binman/etype/tee_os.py create mode 100644 tools/binman/test/220_tee_os.dts