[isar-cip-core][PATCH 3/7] add recipe for trusted firmware a qemu arm64


Schultschik, Sven
 

From: Sven Schultschik <sven.schultschik@...>

provide a recipe to generate the needed binary to start a secure boot qemu with integrated optee and active RPMB replay protected memory emulation within u-boot

Signed-off-by: Sven Schultschik <sven.schultschik@...>
---
.../trusted-firmware-a-qemu-arm64_2.7.0.bb | 61 +++++++++++++++++++
1 file changed, 61 insertions(+)
create mode 100644 recipes-bsp/trusted-firmware-a/trusted-firmware-a-qemu-arm64_2.7.0.bb

diff --git a/recipes-bsp/trusted-firmware-a/trusted-firmware-a-qemu-arm64_2.7.0.bb b/recipes-bsp/trusted-firmware-a/trusted-firmware-a-qemu-arm64_2.7.0.bb
new file mode 100644
index 000000000..791089a21
--- /dev/null
+++ b/recipes-bsp/trusted-firmware-a/trusted-firmware-a-qemu-arm64_2.7.0.bb
@@ -0,0 +1,61 @@
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Siemens AG, 2022
+#
+# Authors:
+# Sven Schultschik <sven.schultschik@...>
+#
+# SPDX-License-Identifier: MIT
+#
+
+HOMEPAGE = "https://www.trustedfirmware.org/projects/tf-a/"
+MAINTAINER = "Sven Schultschik <sven.schultschik@...>"
+LICENSE = "BSD-3-Clause"
+
+require recipes-bsp/trusted-firmware-a/trusted-firmware-a-custom.inc
+
+SRC_URI += " \
+ git://review.trustedfirmware.org/TF-A/trusted-firmware-a;branch=master;protocol=https;destsuffix=git;rev=v${PV} "
+
+S = "${WORKDIR}/git"
+
+DEPENDS = "optee-os-${MACHINE} u-boot-qemu-arm64"
+DEBIAN_BUILD_DEPENDS += " \
+ debhelper(>= 11~), \
+ optee-os-${MACHINE}, \
+ u-boot-qemu-arm64, \
+ libssl-dev, "
+
+TEEHEADER = "/usr/lib/optee-os/${MACHINE}/tee-header_v2.bin"
+TEEPAGER = "/usr/lib/optee-os/${MACHINE}/tee-pager_v2.bin"
+TEEPAGEABLE = "/usr/lib/optee-os/${MACHINE}/tee-pageable_v2.bin"
+BL33 = "/usr/lib/u-boot/${MACHINE}/u-boot.bin"
+
+TF_A_EXTRA_BUILDARGS = "BL32=${TEEHEADER} \
+ BL32_EXTRA1=${TEEPAGER} \
+ BL32_EXTRA2=${TEEPAGEABLE} \
+ BL33=${BL33} \
+ BL32_RAM_LOCATION=tdram SPD=opteed ${DEBUG} all fip"
+
+TF_A_PLATFORM = "qemu"
+
+TF_A_BINARIES = "release/bl1.bin release/fip.bin"
+
+ISAR_CROSS_COMPILE = "0"
+
+do_deploy[dirs] = "${DEPLOY_DIR_IMAGE}"
+do_deploy() {
+ dpkg --fsys-tarfile "${WORKDIR}/trusted-firmware-a-${MACHINE}_${PV}_${DISTRO_ARCH}.deb" | \
+ tar xOf - "./usr/lib/trusted-firmware-a/${MACHINE}/bl1.bin" \
+ > "${DEPLOY_DIR_IMAGE}/bl1.bin"
+
+ dpkg --fsys-tarfile "${WORKDIR}/trusted-firmware-a-${MACHINE}_${PV}_${DISTRO_ARCH}.deb" | \
+ tar xOf - "./usr/lib/trusted-firmware-a/${MACHINE}/fip.bin" \
+ > "${DEPLOY_DIR_IMAGE}/fip.bin"
+
+ dd if="${DEPLOY_DIR_IMAGE}/bl1.bin" of="${DEPLOY_DIR_IMAGE}/flash.bin" bs=4096 conv=notrunc
+ dd if="${DEPLOY_DIR_IMAGE}/fip.bin" of="${DEPLOY_DIR_IMAGE}/flash.bin" seek=64 bs=4096 conv=notrunc
+}
+
+addtask deploy after do_dpkg_build before do_deploy_deb
\ No newline at end of file
--
2.30.2