@@ -5,8 +5,8 @@ LICENSE = "Apache-2.0 & BSD-3-Clause & BSD-2-Clause & Zlib"
SRC_URI = "git://git.trustedfirmware.org/TS/trusted-services.git;protocol=https;branch=integration;name=trusted-services;destsuffix=git/trusted-services \
"
-#latest on 12.10.22.
-SRCREV_trusted-services = "3d4956770f89eb9ae0a73257901ae6277c078da6"
+#Latest on 2023 April 25
+SRCREV="0d292e7c879076ea36cc39e30e0ac930b71e8cd8"
LIC_FILES_CHKSUM = "file://${S}/license.rst;md5=ea160bac7f690a069c608516b17997f4"
S = "${WORKDIR}/git/trusted-services"
@@ -17,14 +17,14 @@ SRC_URI += "git://github.com/dgibson/dtc;name=dtc;protocol=https;branch=main;des
SRCREV_dtc = "b6910bec11614980a21e46fbccc35934b671bd81"
LIC_FILES_CHKSUM += "file://../dtc/README.license;md5=a1eb22e37f09df5b5511b8a278992d0e"
-# MbedTLS, tag "mbedtls-3.1.0"
+# MbedTLS, tag "mbedtls-3.3.0"
SRC_URI += "git://github.com/ARMmbed/mbedtls.git;name=mbedtls;protocol=https;branch=master;destsuffix=git/mbedtls"
-SRCREV_mbedtls = "d65aeb37349ad1a50e0f6c9b694d4b5290d60e49"
+SRCREV_mbedtls = "8c89224991adff88d53cd380f42a2baa36f91454"
LIC_FILES_CHKSUM += "file://../mbedtls/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
-# Nanopb, tag "nanopb-0.4.6"
+# Nanopb, tag "nanopb-0.4.2"
SRC_URI += "git://github.com/nanopb/nanopb.git;name=nanopb;protocol=https;branch=master;destsuffix=git/nanopb"
-SRCREV_nanopb = "afc499f9a410fc9bbf6c9c48cdd8d8b199d49eb4"
+SRCREV_nanopb = "df0e92f474f9cca704fe2b31483f0b4d1b1715a4"
LIC_FILES_CHKSUM += "file://../nanopb/LICENSE.txt;md5=9db4b73a55a3994384112efcdb37c01f"
# qcbor, tag "v1.0.0"
@@ -54,15 +54,12 @@ LIC_FILES_CHKSUM += "file://../openamp/LICENSE.md;md5=a8d8cf662ef6bf9936a1e14135
# TS ships patches for external dependencies that needs to be applied
apply_ts_patches() {
- for p in ${S}/external/qcbor/*.patch; do
- patch -p1 -N -d ${WORKDIR}/git/qcbor < ${p} || true
- done
- for p in ${S}/external/t_cose/*.patch; do
- patch -p1 -N -d ${WORKDIR}/git/tcose < ${p} || true
- done
- for p in ${S}/external/CppUTest/*.patch; do
- patch -p1 -d ${WORKDIR}/git/cpputest < ${p}
- done
+ ( cd ${WORKDIR}/git/qcbor; git stash; git branch -f bf_am; git am ${S}/external/qcbor/*.patch; git reset bf_am )
+ ( cd ${WORKDIR}/git/tcose; git stash; git branch -f bf_am; git am ${S}/external/t_cose/*.patch; git reset bf_am )
+ ( cd ${WORKDIR}/git/mbedtls; git stash; git branch -f bf_am; git am ${S}/external/MbedTLS/*.patch; git reset bf_am )
+ ( cd ${WORKDIR}/git/cpputest; git stash; git apply ${S}/external/CppUTest/*.patch )
+ ( cd ${WORKDIR}/git/dtc; git stash; git apply ${S}/external/libfdt/*.patch )
+ ( cd ${WORKDIR}/git/nanopb; git stash; git apply ${S}/external/nanopb/*.patch )
}
do_patch[postfuncs] += "apply_ts_patches"
@@ -6,6 +6,7 @@ TS_ENV = "arm-linux"
require trusted-services.inc
+DEPENDS += "python3-jsonschema-native python3-jinja2-native"
DEPENDS += "libts"
RDEPENDS:${PN} += "libts"
@@ -22,9 +22,7 @@ OECMAKE_SOURCEPATH = "${S}/deployments/newlib/${TS_ENV}/"
# TS ships a patch that needs to be applied to newlib
apply_ts_patch() {
- for p in ${S}/external/newlib/*.patch; do
- patch -p1 -d ${WORKDIR}/git/newlib < ${p}
- done
+ ( cd ${WORKDIR}/git/newlib; git stash; git branch -f bf_am; git am ${S}/external/newlib/*.patch; git reset bf_am )
}
do_patch[postfuncs] += "apply_ts_patch"
@@ -4,6 +4,8 @@ TS_ENV = "arm-linux"
require trusted-services.inc
+DEPENDS += "python3-jsonschema-native python3-jinja2-native"
+
DEPENDS += "libts"
RDEPENDS:${PN} += "libts"
@@ -11,7 +13,7 @@ SRC_URI += "git://github.com/ARM-software/psa-arch-tests.git;name=psatest;protoc
file://0001-Pass-Yocto-build-settings-to-psa-arch-tests-native.patch;patchdir=../psatest \
"
-SRCREV_psatest = "451aa087a40d02c7d04778235014c5619d126471"
+SRCREV_psatest = "38cb53a4d9e292435ddf7899960b15af62decfbe"
LIC_FILES_CHKSUM += "file://../psatest/LICENSE.md;md5=2a944942e1496af1886903d274dedb13"
EXTRA_OECMAKE += "\
@@ -3,5 +3,6 @@ DESCRIPTION = "Trusted Services attestation service provider"
require ts-sp-common.inc
SP_UUID = "${ATTESTATION_UUID}"
+TS_SP_IAT_CONFIG ?= "default"
-OECMAKE_SOURCEPATH="${S}/deployments/attestation/${TS_ENV}"
+OECMAKE_SOURCEPATH="${S}/deployments/attestation/config/${TS_SP_IAT_CONFIG}-${TS_ENV}"
@@ -3,7 +3,8 @@ DESCRIPTION = "Trusted Services crypto service provider"
require ts-sp-common.inc
SP_UUID = "${CRYPTO_UUID}"
+TS_SP_CRYPTO_CONFIG ?= "default"
-DEPENDS += "python3-protobuf-native"
+DEPENDS += "python3-protobuf-native python3-jsonschema-native python3-jinja2-native"
-OECMAKE_SOURCEPATH="${S}/deployments/crypto/${TS_ENV}"
+OECMAKE_SOURCEPATH="${S}/deployments/crypto/config/${TS_SP_CRYPTO_CONFIG}-${TS_ENV}"
@@ -6,5 +6,6 @@ require ts-sp-common.inc
COMPATIBLE_MACHINE ?= "invalid"
SP_UUID = "${ENV_TEST_UUID}"
+TS_SP_ENVTEST_CONFIG ?= "baremetal-fvp_base_revc"
-OECMAKE_SOURCEPATH="${S}/deployments/env-test/${TS_ENV}"
+OECMAKE_SOURCEPATH="${S}/deployments/env-test/config/${TS_SP_ENVTEST_CONFIG}-${TS_ENV}"
@@ -3,5 +3,6 @@ DESCRIPTION = "Trusted Services internal secure storage service provider"
require ts-sp-common.inc
SP_UUID = "${ITS_UUID}"
+TS_SP_ITS_CONFIG ?= "default"
-OECMAKE_SOURCEPATH="${S}/deployments/internal-trusted-storage/${TS_ENV}"
+OECMAKE_SOURCEPATH="${S}/deployments/internal-trusted-storage/config/${TS_SP_ITS_CONFIG}-${TS_ENV}"
@@ -3,7 +3,8 @@ DESCRIPTION = "Trusted Services proxy service providers"
require ts-sp-common.inc
SP_UUID = "${SE_PROXY_UUID}"
+TS_SP_SE_PROXY_CONFIG ?= "default"
DEPENDS += "python3-protobuf-native"
-OECMAKE_SOURCEPATH="${S}/deployments/se-proxy/${TS_ENV}"
+OECMAKE_SOURCEPATH="${S}/deployments/se-proxy/config/${TS_SP_SE_PROXY_CONFIG}-${TS_ENV}"
@@ -3,5 +3,6 @@ DESCRIPTION = "Trusted Services service provider for UEFI SMM services"
require ts-sp-common.inc
SP_UUID = "${SMM_GATEWAY_UUID}"
+TS_SP_SMM_GATEWAY_CONFIG ?= "default"
-OECMAKE_SOURCEPATH="${S}/deployments/smm-gateway/${TS_ENV}"
+OECMAKE_SOURCEPATH="${S}/deployments/smm-gateway/config/${TS_SP_SMM_GATEWAY_CONFIG}-${TS_ENV}"
@@ -3,5 +3,6 @@ DESCRIPTION = "Trusted Services secure storage service provider"
require ts-sp-common.inc
SP_UUID = "${STORAGE_UUID}"
+TS_SP_PS_CONFIG ?= "default"
-OECMAKE_SOURCEPATH="${S}/deployments/protected-storage/${TS_ENV}"
+OECMAKE_SOURCEPATH="${S}/deployments/protected-storage/config/${TS_SP_PS_CONFIG}-${TS_ENV}"