binman: Add support for TEE BL32

Add an entry for OP-TEE Trusted OS 'BL32' payload.
This is required by platforms using Cortex-A cores with TrustZone
technology.

Signed-off-by: Roger Quadros <rogerq@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add missing-blob-help, renumber the test file, update entry-docs:
Signed-off-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Roger Quadros 2022-02-19 20:50:04 +02:00 committed by Simon Glass
parent 4d38dd77f9
commit 47f420ae08
6 changed files with 62 additions and 0 deletions

View File

@ -1327,6 +1327,7 @@ cmd_binman = $(srctree)/tools/binman/binman $(if $(BINMAN_DEBUG),-D) \
-I arch/$(ARCH)/dts -a of-list=$(CONFIG_OF_LIST) \
$(foreach f,$(BINMAN_INDIRS),-I $(f)) \
-a atf-bl31-path=${BL31} \
-a tee-os-path=${TEE} \
-a opensbi-path=${OPENSBI} \
-a default-dt=$(default_dt) \
-a scp-path=$(SCP) \

View File

@ -1103,6 +1103,19 @@ available. This is set by the `SetAllowMissing()` method, if
Entry: tee-os: Entry containing an OP-TEE Trusted OS (TEE) blob
---------------------------------------------------------------
Properties / Entry arguments:
- tee-os-path: Filename of file to read into entry. This is typically
called tee-pager.bin
This entry holds the run-time firmware, typically started by U-Boot SPL.
See the U-Boot README for your architecture or board for how to use it. See
https://github.com/OP-TEE/optee_os for more information about OP-TEE.
Entry: text: An entry which contains text
-----------------------------------------

View File

@ -0,0 +1,22 @@
# SPDX-License-Identifier: GPL-2.0+
# Copyright (C) 2022 Texas Instruments Incorporated - https://www.ti.com/
#
# Entry-type module for OP-TEE Trusted OS firmware blob
#
from binman.etype.blob_named_by_arg import Entry_blob_named_by_arg
class Entry_tee_os(Entry_blob_named_by_arg):
"""Entry containing an OP-TEE Trusted OS (TEE) blob
Properties / Entry arguments:
- tee-os-path: Filename of file to read into entry. This is typically
called tee-pager.bin
This entry holds the run-time firmware, typically started by U-Boot SPL.
See the U-Boot README for your architecture or board for how to use it. See
https://github.com/OP-TEE/optee_os for more information about OP-TEE.
"""
def __init__(self, section, etype, node):
super().__init__(section, etype, node, 'tee-os')
self.external = True

View File

@ -84,6 +84,7 @@ FSP_M_DATA = b'fsp_m'
FSP_S_DATA = b'fsp_s'
FSP_T_DATA = b'fsp_t'
ATF_BL31_DATA = b'bl31'
TEE_OS_DATA = b'this is some tee OS data'
ATF_BL2U_DATA = b'bl2u'
OPENSBI_DATA = b'opensbi'
SCP_DATA = b'scp'
@ -188,6 +189,7 @@ class TestFunctional(unittest.TestCase):
TestFunctional._MakeInputFile('compress', COMPRESS_DATA)
TestFunctional._MakeInputFile('compress_big', COMPRESS_DATA_BIG)
TestFunctional._MakeInputFile('bl31.bin', ATF_BL31_DATA)
TestFunctional._MakeInputFile('tee-pager.bin', TEE_OS_DATA)
TestFunctional._MakeInputFile('bl2u.bin', ATF_BL2U_DATA)
TestFunctional._MakeInputFile('fw_dynamic.bin', OPENSBI_DATA)
TestFunctional._MakeInputFile('scp.bin', SCP_DATA)
@ -5296,5 +5298,11 @@ fdt fdtmap Extract the devicetree blob from the fdtmap
fnode = mkimage_dtb.GetNode('/images/fdt-1/hash')
self.assertIn('value', fnode.props)
def testPackTeeOs(self):
"""Test that an image with an TEE binary can be created"""
data = self._DoReadFile('222_tee_os.dts')
self.assertEqual(TEE_OS_DATA, data[:len(TEE_OS_DATA)])
if __name__ == "__main__":
unittest.main()

View File

@ -33,3 +33,7 @@ k3-rti-wdt-firmware:
If CONFIG_WDT_K3_RTI_LOAD_FW is enabled, a firmware image is needed for
the R5F core(s) to trigger the system reset. One possible source is
https://github.com/siemens/k3-rti-wdt.
tee-os:
See the documentation for your board. You may need to build Open Portable
Trusted Execution Environment (OP-TEE) with TEE=/path/to/tee.bin

View File

@ -0,0 +1,14 @@
// SPDX-License-Identifier: GPL-2.0+
/dts-v1/;
/ {
#address-cells = <1>;
#size-cells = <1>;
binman {
tee-os {
filename = "tee-pager.bin";
};
};
};