aboutsummaryrefslogtreecommitdiff
path: root/boot/optee-os
diff options
context:
space:
mode:
Diffstat (limited to 'boot/optee-os')
-rw-r--r--boot/optee-os/0001-scripts-pem_to_pub.py-use-Cryptodome-module-instead-.patch34
-rw-r--r--boot/optee-os/0002-config.mk-fix-CFG_OPTEE_REVISION_MINOR.patch32
-rw-r--r--boot/optee-os/0003-mk-core-ta-Configurable-Python-interpreter.patch249
-rw-r--r--boot/optee-os/Config.in4
-rw-r--r--boot/optee-os/optee-os.hash4
5 files changed, 4 insertions, 319 deletions
diff --git a/boot/optee-os/0001-scripts-pem_to_pub.py-use-Cryptodome-module-instead-.patch b/boot/optee-os/0001-scripts-pem_to_pub.py-use-Cryptodome-module-instead-.patch
deleted file mode 100644
index 822ef4b39e..0000000000
--- a/boot/optee-os/0001-scripts-pem_to_pub.py-use-Cryptodome-module-instead-.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 04a8def18caccad27292ba97dc8ea8b3eb3a6afd Mon Sep 17 00:00:00 2001
-From: Etienne Carriere <etienne.carriere@linaro.org>
-Date: Tue, 26 May 2020 11:10:45 +0200
-Subject: [PATCH] scripts/pem_to_pub.py: use Cryptodome module instead of
- Crypto
-
-Upgrade scripts/pem_to_pub.py to use module Cryptodome instead of
-module Crypto for consistency with the other helper Python scripts
-of OP-TEE OS package.
-
-Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
-Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
----
- scripts/pem_to_pub_c.py | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/scripts/pem_to_pub_c.py b/scripts/pem_to_pub_c.py
-index 3a896a393..d3f0e5006 100755
---- a/scripts/pem_to_pub_c.py
-+++ b/scripts/pem_to_pub_c.py
-@@ -21,8 +21,8 @@ def get_args():
-
- def main():
- import array
-- from Crypto.PublicKey import RSA
-- from Crypto.Util.number import long_to_bytes
-+ from Cryptodome.PublicKey import RSA
-+ from Cryptodome.Util.number import long_to_bytes
-
- args = get_args()
-
---
-2.17.1
-
diff --git a/boot/optee-os/0002-config.mk-fix-CFG_OPTEE_REVISION_MINOR.patch b/boot/optee-os/0002-config.mk-fix-CFG_OPTEE_REVISION_MINOR.patch
deleted file mode 100644
index 867836ef0c..0000000000
--- a/boot/optee-os/0002-config.mk-fix-CFG_OPTEE_REVISION_MINOR.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From c5f5e6bf6644a536a0d53bfb9f5c5419150035dd Mon Sep 17 00:00:00 2001
-From: Jens Wiklander <jens.wiklander@linaro.org>
-Date: Mon, 25 May 2020 12:20:08 +0200
-Subject: [PATCH] config.mk: fix CFG_OPTEE_REVISION_MINOR
-
-The current release is 3.9.0, change the revision to match.
-
-Fixes: af141c61fe7a ("Update CHANGELOG for 3.9.0")
-Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
-Reported-by: Etienne Carriere <etienne.carriere@linaro.org>
-Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
-Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
----
- mk/config.mk | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/mk/config.mk b/mk/config.mk
-index c00a14618..bc49f83d8 100644
---- a/mk/config.mk
-+++ b/mk/config.mk
-@@ -116,7 +116,7 @@ endif
- # with limited depth not including any tag, so there is really no guarantee
- # that TEE_IMPL_VERSION contains the major and minor revision numbers.
- CFG_OPTEE_REVISION_MAJOR ?= 3
--CFG_OPTEE_REVISION_MINOR ?= 8
-+CFG_OPTEE_REVISION_MINOR ?= 9
-
- # Trusted OS implementation manufacturer name
- CFG_TEE_MANUFACTURER ?= LINARO
---
-2.17.1
-
diff --git a/boot/optee-os/0003-mk-core-ta-Configurable-Python-interpreter.patch b/boot/optee-os/0003-mk-core-ta-Configurable-Python-interpreter.patch
deleted file mode 100644
index 911a09b986..0000000000
--- a/boot/optee-os/0003-mk-core-ta-Configurable-Python-interpreter.patch
+++ /dev/null
@@ -1,249 +0,0 @@
-From 49c7d2557d92993a1e09e50c961b9d4f7ab1091b Mon Sep 17 00:00:00 2001
-From: Dick Olsson <hi@senzilla.io>
-Date: Wed, 22 Jul 2020 08:49:12 +0200
-Subject: [PATCH] mk: core: ta: Configurable Python interpreter
-
-Build systems that manage multiple different python interpreters need
-explicit control over which version of the interpreter to use.
-This patch enables one to override the default interpreter with the path
-to a specific one.
-
-Signed-off-by: Dick Olsson <hi@senzilla.io>
-Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
-Reviewed-by: Jerome Forissier <jerome@forissier.org>
----
- core/arch/arm/arm.mk | 2 ++
- core/arch/arm/kernel/link.mk | 22 +++++++++++-----------
- core/sub.mk | 10 +++++-----
- mk/config.mk | 6 ++++++
- mk/lib.mk | 2 +-
- ta/arch/arm/link.mk | 2 +-
- ta/arch/arm/link_shlib.mk | 2 +-
- ta/ta.mk | 2 +-
- 8 files changed, 28 insertions(+), 20 deletions(-)
-
-diff --git a/core/arch/arm/arm.mk b/core/arch/arm/arm.mk
-index 5c9f16ef..878035c5 100644
---- a/core/arch/arm/arm.mk
-+++ b/core/arch/arm/arm.mk
-@@ -245,6 +245,7 @@ ta-mk-file-export-add-ta_arm32 += CROSS_COMPILE32 ?= $$(CROSS_COMPILE)_nl_
- ta-mk-file-export-add-ta_arm32 += CROSS_COMPILE_ta_arm32 ?= $$(CROSS_COMPILE32)_nl_
- ta-mk-file-export-add-ta_arm32 += COMPILER ?= gcc_nl_
- ta-mk-file-export-add-ta_arm32 += COMPILER_ta_arm32 ?= $$(COMPILER)_nl_
-+ta-mk-file-export-add-ta_arm32 += PYTHON3 ?= python3_nl_
- endif
-
- ifneq ($(filter ta_arm64,$(ta-targets)),)
-@@ -275,6 +276,7 @@ ta-mk-file-export-add-ta_arm64 += CROSS_COMPILE64 ?= $$(CROSS_COMPILE)_nl_
- ta-mk-file-export-add-ta_arm64 += CROSS_COMPILE_ta_arm64 ?= $$(CROSS_COMPILE64)_nl_
- ta-mk-file-export-add-ta_arm64 += COMPILER ?= gcc_nl_
- ta-mk-file-export-add-ta_arm64 += COMPILER_ta_arm64 ?= $$(COMPILER)_nl_
-+ta-mk-file-export-add-ta_arm64 += PYTHON3 ?= python3_nl_
- endif
-
- # Set cross compiler prefix for each TA target
-diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk
-index 1b89b895..69375ad6 100644
---- a/core/arch/arm/kernel/link.mk
-+++ b/core/arch/arm/kernel/link.mk
-@@ -62,13 +62,13 @@ cleanfiles += $(link-out-dir)/text_unpaged.ld.S
- $(link-out-dir)/text_unpaged.ld.S: $(link-out-dir)/unpaged.o
- @$(cmd-echo-silent) ' GEN $@'
- $(q)$(READELFcore) -S -W $< | \
-- ./scripts/gen_ld_sects.py .text. > $@
-+ $(PYTHON3) ./scripts/gen_ld_sects.py .text. > $@
-
- cleanfiles += $(link-out-dir)/rodata_unpaged.ld.S
- $(link-out-dir)/rodata_unpaged.ld.S: $(link-out-dir)/unpaged.o
- @$(cmd-echo-silent) ' GEN $@'
- $(q)$(READELFcore) -S -W $< | \
-- ./scripts/gen_ld_sects.py .rodata. > $@
-+ $(PYTHON3) ./scripts/gen_ld_sects.py .rodata. > $@
-
-
- cleanfiles += $(link-out-dir)/init_entries.txt
-@@ -92,12 +92,12 @@ cleanfiles += $(link-out-dir)/text_init.ld.S
- $(link-out-dir)/text_init.ld.S: $(link-out-dir)/init.o
- @$(cmd-echo-silent) ' GEN $@'
- $(q)$(READELFcore) -S -W $< | \
-- ./scripts/gen_ld_sects.py .text. > $@
-+ $(PYTHON3) ./scripts/gen_ld_sects.py .text. > $@
-
- cleanfiles += $(link-out-dir)/rodata_init.ld.S
- $(link-out-dir)/rodata_init.ld.S: $(link-out-dir)/init.o
- @$(cmd-echo-silent) ' GEN $@'
-- $(q)$(READELFcore) -S -W $< | ./scripts/gen_ld_sects.py .rodata. > $@
-+ $(q)$(READELFcore) -S -W $< | $(PYTHON3) ./scripts/gen_ld_sects.py .rodata. > $@
-
- -include $(link-script-dep)
-
-@@ -176,39 +176,39 @@ cleanfiles += $(link-out-dir)/tee-pager.bin
- $(link-out-dir)/tee-pager.bin: $(link-out-dir)/tee.elf scripts/gen_tee_bin.py
- @echo Warning: $@ is deprecated
- @$(cmd-echo-silent) ' GEN $@'
-- $(q)scripts/gen_tee_bin.py --input $< --out_tee_pager_bin $@
-+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_tee_pager_bin $@
-
- cleanfiles += $(link-out-dir)/tee-pageable.bin
- $(link-out-dir)/tee-pageable.bin: $(link-out-dir)/tee.elf scripts/gen_tee_bin.py
- @echo Warning: $@ is deprecated
- @$(cmd-echo-silent) ' GEN $@'
-- $(q)scripts/gen_tee_bin.py --input $< --out_tee_pageable_bin $@
-+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_tee_pageable_bin $@
-
- all: $(link-out-dir)/tee.bin
- cleanfiles += $(link-out-dir)/tee.bin
- $(link-out-dir)/tee.bin: $(link-out-dir)/tee.elf scripts/gen_tee_bin.py
- @$(cmd-echo-silent) ' GEN $@'
-- $(q)scripts/gen_tee_bin.py --input $< --out_tee_bin $@
-+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_tee_bin $@
-
- all: $(link-out-dir)/tee-header_v2.bin
- cleanfiles += $(link-out-dir)/tee-header_v2.bin
- $(link-out-dir)/tee-header_v2.bin: $(link-out-dir)/tee.elf \
- scripts/gen_tee_bin.py
- @$(cmd-echo-silent) ' GEN $@'
-- $(q)scripts/gen_tee_bin.py --input $< --out_header_v2 $@
-+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_header_v2 $@
-
- all: $(link-out-dir)/tee-pager_v2.bin
- cleanfiles += $(link-out-dir)/tee-pager_v2.bin
- $(link-out-dir)/tee-pager_v2.bin: $(link-out-dir)/tee.elf scripts/gen_tee_bin.py
- @$(cmd-echo-silent) ' GEN $@'
-- $(q)scripts/gen_tee_bin.py --input $< --out_pager_v2 $@
-+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_pager_v2 $@
-
- all: $(link-out-dir)/tee-pageable_v2.bin
- cleanfiles += $(link-out-dir)/tee-pageable_v2.bin
- $(link-out-dir)/tee-pageable_v2.bin: $(link-out-dir)/tee.elf \
- scripts/gen_tee_bin.py
- @$(cmd-echo-silent) ' GEN $@'
-- $(q)scripts/gen_tee_bin.py --input $< --out_pageable_v2 $@
-+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_pageable_v2 $@
-
- all: $(link-out-dir)/tee.symb_sizes
- cleanfiles += $(link-out-dir)/tee.symb_sizes
-@@ -222,5 +222,5 @@ mem_usage: $(link-out-dir)/tee.mem_usage
-
- $(link-out-dir)/tee.mem_usage: $(link-out-dir)/tee.elf
- @$(cmd-echo-silent) ' GEN $@'
-- $(q)./scripts/mem_usage.py $< > $@
-+ $(q)$(PYTHON3) ./scripts/mem_usage.py $< > $@
- endif
-diff --git a/core/sub.mk b/core/sub.mk
-index 03cc6bc7..0959c9a9 100644
---- a/core/sub.mk
-+++ b/core/sub.mk
-@@ -9,13 +9,13 @@ ifeq ($(CFG_WITH_USER_TA),y)
- gensrcs-y += ta_pub_key
- produce-ta_pub_key = ta_pub_key.c
- depends-ta_pub_key = $(TA_SIGN_KEY) scripts/pem_to_pub_c.py
--recipe-ta_pub_key = scripts/pem_to_pub_c.py --prefix ta_pub_key \
-+recipe-ta_pub_key = $(PYTHON3) scripts/pem_to_pub_c.py --prefix ta_pub_key \
- --key $(TA_SIGN_KEY) --out $(sub-dir-out)/ta_pub_key.c
-
- gensrcs-y += ldelf
- produce-ldelf = ldelf_hex.c
- depends-ldelf = scripts/gen_ldelf_hex.py $(out-dir)/ldelf/ldelf.elf
--recipe-ldelf = scripts/gen_ldelf_hex.py --input $(out-dir)/ldelf/ldelf.elf \
-+recipe-ldelf = $(PYTHON3) scripts/gen_ldelf_hex.py --input $(out-dir)/ldelf/ldelf.elf \
- --output $(sub-dir-out)/ldelf_hex.c
- endif
-
-@@ -25,7 +25,7 @@ early-ta-$1-uuid := $(firstword $(subst ., ,$(notdir $1)))
- gensrcs-y += early-ta-$1
- produce-early-ta-$1 = early_ta_$$(early-ta-$1-uuid).c
- depends-early-ta-$1 = $1 scripts/ta_bin_to_c.py
--recipe-early-ta-$1 = scripts/ta_bin_to_c.py --compress --ta $1 \
-+recipe-early-ta-$1 = $(PYTHON3) scripts/ta_bin_to_c.py --compress --ta $1 \
- --out $(sub-dir-out)/early_ta_$$(early-ta-$1-uuid).c
- endef
- $(foreach f, $(EARLY_TA_PATHS), $(eval $(call process_early_ta,$(f))))
-@@ -40,7 +40,7 @@ core-embed-fdt-c = $(out-dir)/$(arch-dir)/dts/$(CFG_EMBED_DTB_SOURCE_FILE:.dts=.
- gensrcs-y += embedded_secure_dtb
- produce-embedded_secure_dtb = arch/$(ARCH)/dts/$(CFG_EMBED_DTB_SOURCE_FILE:.dts=.c)
- depends-embedded_secure_dtb = $(core-embed-fdt-dtb) scripts/bin_to_c.py
--recipe-embedded_secure_dtb = scripts/bin_to_c.py \
-+recipe-embedded_secure_dtb = $(PYTHON3) scripts/bin_to_c.py \
- --bin $(core-embed-fdt-dtb) \
- --vname embedded_secure_dtb \
- --out $(core-embed-fdt-c)
-@@ -58,7 +58,7 @@ $(conf-mk-xz-base64): $(conf-mk-file)
- gensrcs-y += conf_str
- produce-conf_str = conf.mk.xz.base64.c
- depends-conf_str = $(conf-mk-xz-base64)
--recipe-conf_str = scripts/bin_to_c.py --text --bin $(conf-mk-xz-base64) \
-+recipe-conf_str = $(PYTHON3) scripts/bin_to_c.py --text --bin $(conf-mk-xz-base64) \
- --out $(sub-dir-out)/conf.mk.xz.base64.c \
- --vname conf_str
- endif
-diff --git a/mk/config.mk b/mk/config.mk
-index 70732c4d..1fe65576 100644
---- a/mk/config.mk
-+++ b/mk/config.mk
-@@ -32,6 +32,12 @@ endif
- # Supported values: undefined, 1, 2 and 3. 3 gives more warnings.
- WARNS ?= 3
-
-+# Path to the Python interpreter used by the build system.
-+# This variable is set to the default python3 interpreter in the user's
-+# path. But build environments that require more explicit control can
-+# set the path to a specific interpreter through this variable.
-+PYTHON3 ?= python3
-+
- # Define DEBUG=1 to compile without optimization (forces -O0)
- # DEBUG=1
-
-diff --git a/mk/lib.mk b/mk/lib.mk
-index 6e890893..3bd422d6 100644
---- a/mk/lib.mk
-+++ b/mk/lib.mk
-@@ -72,7 +72,7 @@ $(lib-shlibstrippedfile): $(lib-shlibfile)
-
- $(lib-shlibtafile): $(lib-shlibstrippedfile) $(TA_SIGN_KEY)
- @$(cmd-echo-silent) ' SIGN $$@'
-- $$(q)$$(SIGN) --key $(TA_SIGN_KEY) --uuid $(libuuid) --in $$< --out $$@
-+ $$(q)$$(PYTHON3) $$(SIGN) --key $(TA_SIGN_KEY) --uuid $(libuuid) --in $$< --out $$@
-
- $(lib-libuuidln): $(lib-shlibfile)
- @$(cmd-echo-silent) ' LN $$@'
-diff --git a/ta/arch/arm/link.mk b/ta/arch/arm/link.mk
-index db7d0b9a..b95c0cba 100644
---- a/ta/arch/arm/link.mk
-+++ b/ta/arch/arm/link.mk
-@@ -2,7 +2,7 @@ link-script$(sm) = $(ta-dev-kit-dir$(sm))/src/ta.ld.S
- link-script-pp$(sm) = $(link-out-dir$(sm))/ta.lds
- link-script-dep$(sm) = $(link-out-dir$(sm))/.ta.ld.d
-
--SIGN_ENC ?= $(ta-dev-kit-dir$(sm))/scripts/sign_encrypt.py
-+SIGN_ENC ?= $(PYTHON3) $(ta-dev-kit-dir$(sm))/scripts/sign_encrypt.py
- TA_SIGN_KEY ?= $(ta-dev-kit-dir$(sm))/keys/default_ta.pem
-
- ifeq ($(CFG_ENCRYPT_TA),y)
-diff --git a/ta/arch/arm/link_shlib.mk b/ta/arch/arm/link_shlib.mk
-index ed81e59a..cc177ef0 100644
---- a/ta/arch/arm/link_shlib.mk
-+++ b/ta/arch/arm/link_shlib.mk
-@@ -47,5 +47,5 @@ $(link-out-dir)/$(shlibuuid).elf: $(link-out-dir)/$(shlibname).so
- $(link-out-dir)/$(shlibuuid).ta: $(link-out-dir)/$(shlibname).stripped.so \
- $(TA_SIGN_KEY)
- @$(cmd-echo-silent) ' SIGN $@'
-- $(q)$(SIGN) --key $(TA_SIGN_KEY) --uuid $(shlibuuid) \
-+ $(q)$(PYTHON3) $(SIGN) --key $(TA_SIGN_KEY) --uuid $(shlibuuid) \
- --in $< --out $@
-diff --git a/ta/ta.mk b/ta/ta.mk
-index 918880f4..59ed87f7 100644
---- a/ta/ta.mk
-+++ b/ta/ta.mk
-@@ -67,7 +67,7 @@ $$(arm32-user-sysregs-out)/$$(arm32-user-sysregs-$(1)-h): \
- $(1) scripts/arm32_sysreg.py
- @$(cmd-echo-silent) ' GEN $$@'
- $(q)mkdir -p $$(dir $$@)
-- $(q)scripts/arm32_sysreg.py --guard __$$(arm32-user-sysregs-$(1)-h) \
-+ $(q)$(PYTHON3) scripts/arm32_sysreg.py --guard __$$(arm32-user-sysregs-$(1)-h) \
- < $$< > $$@
-
- endef #process-arm32-user-sysreg
---
-2.20.1
-
diff --git a/boot/optee-os/Config.in b/boot/optee-os/Config.in
index 5a786833ef..3076be6b42 100644
--- a/boot/optee-os/Config.in
+++ b/boot/optee-os/Config.in
@@ -18,7 +18,7 @@ choice
Select the version of OP-TEE OS you want to use
config BR2_TARGET_OPTEE_OS_LATEST
- bool "3.9.0"
+ bool "3.11.0"
help
Use the latest release tag from the OP-TEE OS official Git
repository.
@@ -50,7 +50,7 @@ endif
config BR2_TARGET_OPTEE_OS_VERSION
string
- default "3.9.0" if BR2_TARGET_OPTEE_OS_LATEST
+ default "3.11.0" if BR2_TARGET_OPTEE_OS_LATEST
default BR2_TARGET_OPTEE_OS_CUSTOM_REPO_VERSION \
if BR2_TARGET_OPTEE_OS_CUSTOM_GIT
diff --git a/boot/optee-os/optee-os.hash b/boot/optee-os/optee-os.hash
index f38ebc569f..0d60cebea1 100644
--- a/boot/optee-os/optee-os.hash
+++ b/boot/optee-os/optee-os.hash
@@ -1,4 +1,4 @@
-# From https://github.com/OP-TEE/optee_os/archive/3.9.0.tar.gz
-sha256 ac6f145ebde715d4d7a1d5277f4e08a06b660e1c0237c926a274d86cd90ef4c5 optee-os-3.9.0.tar.gz
+# From https://github.com/OP-TEE/optee_os/archive/3.11.0.tar.gz
+sha256 3c34eda1052fbb9ed36fcfdfaecfd2685023b9290670c1a5982f8a0457bfd2cb optee-os-3.11.0.tar.gz
# Locally computed
sha256 1247ee90858f4037b6cac63cbffddfed435d0d73c631b37d78c1e6e6ab3e5d1a LICENSE