From 47f420ae082fe3ec11afda4aab1b96e3e38752ef Mon Sep 17 00:00:00 2001
From: Roger Quadros <rogerq@kernel.org>
Date: Sat, 19 Feb 2022 20:50:04 +0200
Subject: binman: Add support for TEE BL32

Add an entry for OP-TEE Trusted OS 'BL32' payload.
This is required by platforms using Cortex-A cores with TrustZone
technology.

Signed-off-by: Roger Quadros <rogerq@kernel.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Add missing-blob-help, renumber the test file, update entry-docs:
Signed-off-by: Simon Glass <sjg@chromium.org>
---
 tools/binman/entries.rst         | 13 +++++++++++++
 tools/binman/etype/tee_os.py     | 22 ++++++++++++++++++++++
 tools/binman/ftest.py            |  8 ++++++++
 tools/binman/missing-blob-help   |  4 ++++
 tools/binman/test/222_tee_os.dts | 14 ++++++++++++++
 5 files changed, 61 insertions(+)
 create mode 100644 tools/binman/etype/tee_os.py
 create mode 100644 tools/binman/test/222_tee_os.dts

(limited to 'tools/binman')

diff --git a/tools/binman/entries.rst b/tools/binman/entries.rst
index c47f7df098..88230a69d4 100644
--- a/tools/binman/entries.rst
+++ b/tools/binman/entries.rst
@@ -1103,6 +1103,19 @@ available. This is set by the `SetAllowMissing()` method, if
 
 
 
+Entry: tee-os: Entry containing an OP-TEE Trusted OS (TEE) blob
+---------------------------------------------------------------
+
+Properties / Entry arguments:
+    - tee-os-path: Filename of file to read into entry. This is typically
+        called tee-pager.bin
+
+This entry holds the run-time firmware, typically started by U-Boot SPL.
+See the U-Boot README for your architecture or board for how to use it. See
+https://github.com/OP-TEE/optee_os for more information about OP-TEE.
+
+
+
 Entry: text: An entry which contains text
 -----------------------------------------
 
diff --git a/tools/binman/etype/tee_os.py b/tools/binman/etype/tee_os.py
new file mode 100644
index 0000000000..6ce4b672de
--- /dev/null
+++ b/tools/binman/etype/tee_os.py
@@ -0,0 +1,22 @@
+# SPDX-License-Identifier: GPL-2.0+
+# Copyright (C) 2022 Texas Instruments Incorporated - https://www.ti.com/
+#
+# Entry-type module for OP-TEE Trusted OS firmware blob
+#
+
+from binman.etype.blob_named_by_arg import Entry_blob_named_by_arg
+
+class Entry_tee_os(Entry_blob_named_by_arg):
+    """Entry containing an OP-TEE Trusted OS (TEE) blob
+
+    Properties / Entry arguments:
+        - tee-os-path: Filename of file to read into entry. This is typically
+            called tee-pager.bin
+
+    This entry holds the run-time firmware, typically started by U-Boot SPL.
+    See the U-Boot README for your architecture or board for how to use it. See
+    https://github.com/OP-TEE/optee_os for more information about OP-TEE.
+    """
+    def __init__(self, section, etype, node):
+        super().__init__(section, etype, node, 'tee-os')
+        self.external = True
diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py
index 4616a29deb..6a77f1da1e 100644
--- a/tools/binman/ftest.py
+++ b/tools/binman/ftest.py
@@ -84,6 +84,7 @@ FSP_M_DATA            = b'fsp_m'
 FSP_S_DATA            = b'fsp_s'
 FSP_T_DATA            = b'fsp_t'
 ATF_BL31_DATA         = b'bl31'
+TEE_OS_DATA           = b'this is some tee OS data'
 ATF_BL2U_DATA         = b'bl2u'
 OPENSBI_DATA          = b'opensbi'
 SCP_DATA              = b'scp'
@@ -188,6 +189,7 @@ class TestFunctional(unittest.TestCase):
         TestFunctional._MakeInputFile('compress', COMPRESS_DATA)
         TestFunctional._MakeInputFile('compress_big', COMPRESS_DATA_BIG)
         TestFunctional._MakeInputFile('bl31.bin', ATF_BL31_DATA)
+        TestFunctional._MakeInputFile('tee-pager.bin', TEE_OS_DATA)
         TestFunctional._MakeInputFile('bl2u.bin', ATF_BL2U_DATA)
         TestFunctional._MakeInputFile('fw_dynamic.bin', OPENSBI_DATA)
         TestFunctional._MakeInputFile('scp.bin', SCP_DATA)
@@ -5296,5 +5298,11 @@ fdt         fdtmap                Extract the devicetree blob from the fdtmap
         fnode = mkimage_dtb.GetNode('/images/fdt-1/hash')
         self.assertIn('value', fnode.props)
 
+    def testPackTeeOs(self):
+        """Test that an image with an TEE binary can be created"""
+        data = self._DoReadFile('222_tee_os.dts')
+        self.assertEqual(TEE_OS_DATA, data[:len(TEE_OS_DATA)])
+
+
 if __name__ == "__main__":
     unittest.main()
diff --git a/tools/binman/missing-blob-help b/tools/binman/missing-blob-help
index 551ca87f6c..c61ca02a35 100644
--- a/tools/binman/missing-blob-help
+++ b/tools/binman/missing-blob-help
@@ -33,3 +33,7 @@ k3-rti-wdt-firmware:
 If CONFIG_WDT_K3_RTI_LOAD_FW is enabled, a firmware image is needed for
 the R5F core(s) to trigger the system reset. One possible source is
 https://github.com/siemens/k3-rti-wdt.
+
+tee-os:
+See the documentation for your board. You may need to build Open Portable
+Trusted Execution Environment (OP-TEE) with TEE=/path/to/tee.bin
diff --git a/tools/binman/test/222_tee_os.dts b/tools/binman/test/222_tee_os.dts
new file mode 100644
index 0000000000..6885497294
--- /dev/null
+++ b/tools/binman/test/222_tee_os.dts
@@ -0,0 +1,14 @@
+// SPDX-License-Identifier: GPL-2.0+
+
+/dts-v1/;
+
+/ {
+	#address-cells = <1>;
+	#size-cells = <1>;
+
+	binman {
+		tee-os {
+			filename = "tee-pager.bin";
+		};
+	};
+};
-- 
cgit v1.2.3