[Buildroot] [PATCH 2/5] optee-client: new package
Shyam Saini
shyam at amarulasolutions.com
Fri Nov 23 11:48:03 UTC 2018
On Thu, Nov 22, 2018 at 8:53 PM Etienne Carriere
<etienne.carriere at linaro.org> wrote:
>
> OP-TEE client API library and supplicant daemon from the
> OP-TEE project.
>
> The package is added to the Security menu of BR configuration.
>
> Signed-off-by: Etienne Carriere <etienne.carriere at linaro.org>
> ---
> package/Config.in | 1 +
> package/optee-client/Config.in | 62 ++++++++++++++++++++++++++++++++++
> package/optee-client/S30optee | 26 ++++++++++++++
> package/optee-client/optee-client.hash | 4 +++
> package/optee-client/optee-client.mk | 31 +++++++++++++++++
> 5 files changed, 124 insertions(+)
> create mode 100644 package/optee-client/Config.in
> create mode 100644 package/optee-client/S30optee
> create mode 100644 package/optee-client/optee-client.hash
> create mode 100644 package/optee-client/optee-client.mk
>
> diff --git a/package/Config.in b/package/Config.in
> index b60e770..8c3b1bf 100644
> --- a/package/Config.in
> +++ b/package/Config.in
> @@ -2047,6 +2047,7 @@ endmenu
>
> menu "Security"
> source "package/checkpolicy/Config.in"
> + source "package/optee-client/Config.in"
> source "package/paxtest/Config.in"
> source "package/policycoreutils/Config.in"
> source "package/refpolicy/Config.in"
> diff --git a/package/optee-client/Config.in b/package/optee-client/Config.in
> new file mode 100644
> index 0000000..c3f28c1
> --- /dev/null
> +++ b/package/optee-client/Config.in
> @@ -0,0 +1,62 @@
> +config BR2_PACKAGE_OPTEE_CLIENT
> + bool "Embed OP-TEE client"
> + help
> + Enable the OP-TEE client package that brings non-secure
> + client application resources for OP-TEE support. OP-TEE
> + client is a component delivered by the OP-TEE project.
> +
> + https://github.com/OP-TEE/optee_client
> +
> + The client API library allows application to invoke
> + trusted applications hosted in the OP-TEE OS secure world.
> + The supplicant provides services hosted by the non-secure
> + world and invoked by the secure world.
> +
> +if BR2_PACKAGE_OPTEE_CLIENT
> +
> +choice
> + prompt "OP-TEE client version"
> + default BR2_PACKAGE_OPTEE_CLIENT_LATEST
> + help
> + Select the version of OP-TEE client you want to use
> +
> +config BR2_PACKAGE_OPTEE_CLIENT_LATEST
> + bool "sync with latest registered release tag"
> + help
> + Sync on latest release tag. This currently fetches the
> + latest registered release tag from the OP-TEE official
> + Git repository.
> +
> +config BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_GIT
> + bool "sync with a specific Git"
> + help
> + Sync with a specific OP-TEE Git repository.
> +
> +endchoice
> +
> +config BR2_PACKAGE_OPTEE_CLIENT_VERSION
> + string
> + default "3.3.0" if BR2_PACKAGE_OPTEE_CLIENT_LATEST
> + default BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_REPO_VERSION \
> + if BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_GIT
> + help
> + Reference in the target Git repository to sync with.
> +
> +if BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_GIT
> +
> +config BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_REPO_URL
> + string "Git repository site"
> + help
> + Specific location of the reference source tree Git
> + repository.
> +
> +config BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_REPO_VERSION
> + string "target reference to pull in the Git repository"
> + help
> + Package version reference to sync with. As source file
> + reference is a Git repository, the version reference can
> + be any Git reference as a tag or a sha1.
> +
> +endif
> +
> +endif #BR2_PACKAGE_OPTEE_CLIENT
> diff --git a/package/optee-client/S30optee b/package/optee-client/S30optee
> new file mode 100644
> index 0000000..c893243
> --- /dev/null
> +++ b/package/optee-client/S30optee
> @@ -0,0 +1,26 @@
> +#!/bin/sh
> +#
> +# /etc/init.d/optee
> +#
> +# Start/stop tee-supplicant (OP-TEE normal world daemon)
> +#
> +case "$1" in
> + start)
> + if [ -e /usr/sbin/tee-supplicant -a -e /dev/teepriv0 ]; then
> + echo "Starting tee-supplicant..."
> + /usr/sbin/tee-supplicant &
> + exit 0
> + else
> + echo "tee-supplicant or TEE device not found"
> + exit 1
> + fi
> +
> + ;;
> + stop)
> + killall tee-supplicant
> + ;;
> + status)
> + cat /dev/teepriv0 2>&1 | grep -q "Device or resource busy" || not="not "
> + echo "tee-supplicant is ${not}active"
> + ;;
> +esac
> diff --git a/package/optee-client/optee-client.hash b/package/optee-client/optee-client.hash
> new file mode 100644
> index 0000000..ed7bf4e
> --- /dev/null
> +++ b/package/optee-client/optee-client.hash
> @@ -0,0 +1,4 @@
> +# From https://github.com/OP-TEE/optee_client/archive/3.3.0.tar.gz
> +sha256 63af1567fdcdbe28b45be274266a89aa81bef3d0fd8ec5a6eb680046a92e1177 optee-client-3.3.0.tar.gz
> +# Locally computed
> +sha256 fda8385993f112d7ca61b88b54ba5b4cbeec7e43a0f9b317d5186703c1985e8f LICENSE
> diff --git a/package/optee-client/optee-client.mk b/package/optee-client/optee-client.mk
> new file mode 100644
> index 0000000..e856ca5
> --- /dev/null
> +++ b/package/optee-client/optee-client.mk
> @@ -0,0 +1,31 @@
> +################################################################################
> +#
> +# optee-client
> +#
> +################################################################################
> +
> +OPTEE_CLIENT_VERSION = $(call qstrip,$(BR2_PACKAGE_OPTEE_CLIENT_VERSION))
> +OPTEE_CLIENT_LICENSE = BSD-3-Clause
> +OPTEE_CLIENT_LICENSE_FILES = LICENSE
> +
> +ifeq ($(BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_GIT),y)
> +OPTEE_CLIENT_SITE = $(call qstrip,$(BR2_PACKAGE_OPTEE_CLIENT_CUSTOM_REPO_URL))
> +OPTEE_CLIENT_SITE_METHOD = git
> +BR_NO_CHECK_HASH_FOR += $(OPTEE_CLIENT_SOURCE)
> +else
> +OPTEE_CLIENT_SITE = $(call github,OP-TEE,optee_client,$(OPTEE_CLIENT_VERSION))
> +endif
> +
> +define OPTEE_CLIENT_INSTALL_SUPPLICANT_SCRIPT
> + $(INSTALL) -m 0755 -D $(OPTEE_CLIENT_PKGDIR)/S30optee \
> + $(TARGET_DIR)/etc/init.d/S30optee
> +endef
> +
> +define OPTEE_CLIENT_INSTALL_INIT_SYSV
> + $(OPTEE_CLIENT_INSTALL_SUPPLICANT_SCRIPT)
> +endef
> +
> +OPTEE_CLIENT_INSTALL_STAGING = YES
> +OPTEE_CLIENT_INSTALL_IMAGES = YES
> +
> +$(eval $(cmake-package))
Tested-by: Shyam Saini <shyam.saini at amarulasolutions.com>
More information about the buildroot
mailing list