@@ -9,6 +9,12 @@ EXTRA_OEMAKE:append:k3 = "${@ ' CFG_CONSOLE_UART='+ d.getVar('OPTEE_K3_USART') i
EXTRA_OEMAKE:append:am62xx = " CFG_WITH_SOFTWARE_PRNG=y CFG_TEE_CORE_LOG_LEVEL=1"
EXTRA_OEMAKE:append:am62axx = " CFG_TEE_CORE_LOG_LEVEL=1"
+do_compile:append:k3() {
+ cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin
+ cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin.unsigned
+ cp ${B}/core/tee.elf ${B}/bl32.elf
+}
+
# Signing procedure for legacy HS devices
optee_sign_legacyhs() {
( cd ${B}/core/; \
@@ -37,12 +43,48 @@ do_compile:append:dra7xx() {
}
# Signing procedure for K3 devices
-do_compile:append:k3() {
+optee_sign_k3hs() {
${TI_SECURE_DEV_PKG}/scripts/secure-binary-image.sh ${B}/core/tee-pager_v2.bin ${B}/bl32.bin
cp ${B}/core/tee-pager_v2.bin ${B}/bl32.bin.unsigned
cp ${B}/core/tee.elf ${B}/bl32.elf
}
+do_compile:append:am65xx-hs-evm() {
+ optee_sign_k3hs
+}
+
+do_compile:append:am64xx-evm() {
+ optee_sign_k3hs
+}
+
+do_compile:append:am62xx-evm() {
+ optee_sign_k3hs
+}
+
+do_compile:append:am62xx-lp-evm() {
+ optee_sign_k3hs
+}
+
+do_compile:append:am62axx-evm() {
+ optee_sign_k3hs
+}
+
+do_compile:append:j721e-hs-evm() {
+ optee_sign_k3hs
+}
+
+do_compile:append:j7200-hs-evm() {
+ optee_sign_k3hs
+}
+
+do_compile:append:j721s2-hs-evm() {
+ optee_sign_k3hs
+}
+
+do_compile:append:j784s4-hs-evm() {
+ optee_sign_k3hs
+}
+
do_install:append:ti-soc() {
install -m 644 ${B}/*.optee ${D}${nonarch_base_libdir}/firmware/ || true
install -m 644 ${B}/bl32.bin ${D}${nonarch_base_libdir}/firmware/ || true
We are seeing some testing issues where the new code that signs all of the files at all times is causing issues. So rollback the logic and only sign for platforms that support it. Signed-off-by: Ryan Eatmon <reatmon@ti.com> --- .../optee/optee-os_3.16%.bbappend | 44 ++++++++++++++++++- 1 file changed, 43 insertions(+), 1 deletion(-)