diff mbox series

[5/5] arm/qemuarm-secureboot: pin optee-os version

Message ID 20221221143942.15196-6-emekcan.aras@arm.com
State New
Headers show
Series Add optee-os 3.19 recipe | expand

Commit Message

Emekcan Aras Dec. 21, 2022, 2:39 p.m. UTC
From: Emekcan Aras <emekcan.aras@arm.com>

There is a new optee version 3.19. Currently, qemuarm-secureboot cannot boot
optee 3.19 out-of-the-box. This pins optee-os version to 3.18 for
qemuarm-secureboot.

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
 meta-arm/conf/machine/qemuarm-secureboot.conf   | 3 +++
 meta-arm/conf/machine/qemuarm64-secureboot.conf | 3 +++
 2 files changed, 6 insertions(+)

Comments

Sumit Garg Dec. 21, 2022, 3:37 p.m. UTC | #1
On Wed, 21 Dec 2022 at 20:10, <emekcan.aras@arm.com> wrote:
>
> From: Emekcan Aras <emekcan.aras@arm.com>
>
> There is a new optee version 3.19. Currently, qemuarm-secureboot cannot boot
> optee 3.19 out-of-the-box.

This sounds strange since Qemu is regularly tested in OP-TEE build CI
as well as 3.19 release [1]. Is it really an OP-TEE related issue? Can
you share details of the boot error you are observing?

[1] https://github.com/OP-TEE/optee_os/commit/afacf356f9593a7f83cae9f96026824ec242ff52

-Sumit

> This pins optee-os version to 3.18 for
> qemuarm-secureboot.
>
> Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
> ---
>  meta-arm/conf/machine/qemuarm-secureboot.conf   | 3 +++
>  meta-arm/conf/machine/qemuarm64-secureboot.conf | 3 +++
>  2 files changed, 6 insertions(+)
>
> diff --git a/meta-arm/conf/machine/qemuarm-secureboot.conf b/meta-arm/conf/machine/qemuarm-secureboot.conf
> index f08b84fe..db02dc68 100644
> --- a/meta-arm/conf/machine/qemuarm-secureboot.conf
> +++ b/meta-arm/conf/machine/qemuarm-secureboot.conf
> @@ -21,3 +21,6 @@ WKS_FILE_DEPENDS = "trusted-firmware-a"
>  IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
>
>  MACHINE_FEATURES += "optee-ftpm"
> +
> +PREFERRED_VERSION_optee-os ?= "3.18.%"
> +
> diff --git a/meta-arm/conf/machine/qemuarm64-secureboot.conf b/meta-arm/conf/machine/qemuarm64-secureboot.conf
> index 55c4cab4..7277817d 100644
> --- a/meta-arm/conf/machine/qemuarm64-secureboot.conf
> +++ b/meta-arm/conf/machine/qemuarm64-secureboot.conf
> @@ -23,3 +23,6 @@ WKS_FILE_DEPENDS = "trusted-firmware-a"
>  IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
>
>  MACHINE_FEATURES += "optee-ftpm"
> +
> +PREFERRED_VERSION_optee-os ?= "3.18.%"
> +
> --
> 2.17.1
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#4220): https://lists.yoctoproject.org/g/meta-arm/message/4220
> Mute This Topic: https://lists.yoctoproject.org/mt/95807186/1777089
> Group Owner: meta-arm+owner@lists.yoctoproject.org
> Unsubscribe: https://lists.yoctoproject.org/g/meta-arm/unsub [sumit.garg@linaro.org]
> -=-=-=-=-=-=-=-=-=-=-=-
>
Sumit Garg Dec. 22, 2022, 6:48 a.m. UTC | #2
On Wed, 21 Dec 2022 at 21:29, Emekcan Aras <Emekcan.Aras@arm.com> wrote:
>
>
>
> ________________________________
> From: Sumit Garg <sumit.garg@linaro.org>
> Sent: Wednesday, December 21, 2022 3:37 PM
> To: Emekcan Aras <Emekcan.Aras@arm.com>
> Cc: meta-arm@lists.yoctoproject.org <meta-arm@lists.yoctoproject.org>; Ross Burton <Ross.Burton@arm.com>; Jon Mason <Jon.Mason@arm.com>; nd <nd@arm.com>
> Subject: Re: [meta-arm] [PATCH 5/5] arm/qemuarm-secureboot: pin optee-os version
>
> On Wed, 21 Dec 2022 at 20:10, <emekcan.aras@arm.com> wrote:
> >
> > From: Emekcan Aras <emekcan.aras@arm.com>
> >
> > There is a new optee version 3.19. Currently, qemuarm-secureboot cannot boot
> > optee 3.19 out-of-the-box.
>
> This sounds strange since Qemu is regularly tested in OP-TEE build CI
> as well as 3.19 release [1]. Is it really an OP-TEE related issue? Can
> you share details of the boot error you are observing?
>
> [1] https://github.com/OP-TEE/optee_os/commit/afacf356f9593a7f83cae9f96026824ec242ff52
>
> -Sumit
>
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 Panic 'Failed mapping FIP SPs' at core/arch/arm/kernel/secure_partition.c:1223 <sp_init_all>

This file won't even compile if CFG_SECURE_PARTITION=n which is the
default configuration. So how does it get enabled for Qemu using
OP-TEE 3.19?

> 2022-12-21 11:33:27 - INFO - E/TC:0 0 TEE load address @ 0xcf412000
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 Call stack:
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf41eb3c
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf42bafc
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf41bd4c
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf42d548
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf41e268
> 2022-12-21 11:33:27 - INFO - runqemu - INFO - SIGTERM received
> 2022-12-21 11:33:27 - INFO - runqemu - INFO - Cleaning up
> 2022-12-21 11:33:27 - INFO - runqemu - INFO - Host uptime: 1436.86
> 2022-12-21 11:33:27 - INFO -
> 2022-12-21 11:33:27 - INFO - tput: No value for $TERM and no -T specified
> 2022-12-21 11:33:27 - INFO - tput: No value for $TERM and no -T specified
>
> This is the error message. We also have the same issue for n1sdp since the new optee is looking for an SP manifest in FIP..

AFAIK, secure partitions are not enabled by default in OP-TEE. So how
does that get enabled for Qemu? Also, I can see from your patch-set
that you enable secure partitions explicitly for n1sdp.

> Need to create a bbappend or an inc file for qemuarm-secureboot as well where the necessary flags are set. Just left it for now since there are other platforms that use optee 3.18 version. I think this can be fixed relatively easily when all the platforms upgrades to 3.19.

I would suggest that we update Qemu as part of OP-TEE uprev as that is
something which others could test as well as something that can be
tested in CI as well.

-Sumit

>
> -Emek
>
> > This pins optee-os version to 3.18 for
> > qemuarm-secureboot.
> >
> > Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
> > ---
> >  meta-arm/conf/machine/qemuarm-secureboot.conf   | 3 +++
> >  meta-arm/conf/machine/qemuarm64-secureboot.conf | 3 +++
> >  2 files changed, 6 insertions(+)
> >
> > diff --git a/meta-arm/conf/machine/qemuarm-secureboot.conf b/meta-arm/conf/machine/qemuarm-secureboot.conf
> > index f08b84fe..db02dc68 100644
> > --- a/meta-arm/conf/machine/qemuarm-secureboot.conf
> > +++ b/meta-arm/conf/machine/qemuarm-secureboot.conf
> > @@ -21,3 +21,6 @@ WKS_FILE_DEPENDS = "trusted-firmware-a"
> >  IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
> >
> >  MACHINE_FEATURES += "optee-ftpm"
> > +
> > +PREFERRED_VERSION_optee-os ?= "3.18.%"
> > +
> > diff --git a/meta-arm/conf/machine/qemuarm64-secureboot.conf b/meta-arm/conf/machine/qemuarm64-secureboot.conf
> > index 55c4cab4..7277817d 100644
> > --- a/meta-arm/conf/machine/qemuarm64-secureboot.conf
> > +++ b/meta-arm/conf/machine/qemuarm64-secureboot.conf
> > @@ -23,3 +23,6 @@ WKS_FILE_DEPENDS = "trusted-firmware-a"
> >  IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
> >
> >  MACHINE_FEATURES += "optee-ftpm"
> > +
> > +PREFERRED_VERSION_optee-os ?= "3.18.%"
> > +
> > --
> > 2.17.1
> >
> >
> > -=-=-=-=-=-=-=-=-=-=-=-
> > Links: You receive all messages sent to this group.
> > View/Reply Online (#4220): https://lists.yoctoproject.org/g/meta-arm/message/4220
> > Mute This Topic: https://lists.yoctoproject.org/mt/95807186/1777089
> > Group Owner: meta-arm+owner@lists.yoctoproject.org
> > Unsubscribe: https://lists.yoctoproject.org/g/meta-arm/unsub [sumit.garg@linaro.org]
> > -=-=-=-=-=-=-=-=-=-=-=-
> >
Emekcan Aras Dec. 22, 2022, 8:42 a.m. UTC | #3
From: Sumit Garg <sumit.garg@linaro.org>
Sent: Thursday, December 22, 2022 6:48 AM
To: Emekcan Aras <Emekcan.Aras@arm.com>
Cc: meta-arm@lists.yoctoproject.org <meta-arm@lists.yoctoproject.org>; Ross Burton <Ross.Burton@arm.com>; Jon Mason <Jon.Mason@arm.com>; nd <nd@arm.com>
Subject: Re: [meta-arm] [PATCH 5/5] arm/qemuarm-secureboot: pin optee-os version

On Wed, 21 Dec 2022 at 21:29, Emekcan Aras <Emekcan.Aras@arm.com> wrote:
>
>
>
> ________________________________
> From: Sumit Garg <sumit.garg@linaro.org>
> Sent: Wednesday, December 21, 2022 3:37 PM
> To: Emekcan Aras <Emekcan.Aras@arm.com>
> Cc: meta-arm@lists.yoctoproject.org <meta-arm@lists.yoctoproject.org>; Ross Burton <Ross.Burton@arm.com>; Jon Mason <Jon.Mason@arm.com>; nd <nd@arm.com>
> Subject: Re: [meta-arm] [PATCH 5/5] arm/qemuarm-secureboot: pin optee-os version
>
> On Wed, 21 Dec 2022 at 20:10, <emekcan.aras@arm.com> wrote:
> >
> > From: Emekcan Aras <emekcan.aras@arm.com>
> >
> > There is a new optee version 3.19. Currently, qemuarm-secureboot cannot boot
> > optee 3.19 out-of-the-box.
>
> This sounds strange since Qemu is regularly tested in OP-TEE build CI
> as well as 3.19 release [1]. Is it really an OP-TEE related issue? Can
> you share details of the boot error you are observing?
>
> [1] https://github.com/OP-TEE/optee_os/commit/afacf356f9593a7f83cae9f96026824ec242ff52
>
> -Sumit
>
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 Panic 'Failed mapping FIP SPs' at core/arch/arm/kernel/secure_partition.c:1223 <sp_init_all>

This file won't even compile if CFG_SECURE_PARTITION=n which is the
default configuration. So how does it get enabled for Qemu using
OP-TEE 3.19?

I don't know. I saw that you've developed the qemu recipes. So hoping that you might answered this :)
Maybe optee 3.19 set this explicitly. This patchset was already reviewed by maintainers actually and ran on different platforms.
It could be related to the recipe as well, but as you can see I'm not doing anything complicated there.

> 2022-12-21 11:33:27 - INFO - E/TC:0 0 TEE load address @ 0xcf412000
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 Call stack:
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf41eb3c
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf42bafc
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf41bd4c
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf42d548
> 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf41e268
> 2022-12-21 11:33:27 - INFO - runqemu - INFO - SIGTERM received
> 2022-12-21 11:33:27 - INFO - runqemu - INFO - Cleaning up
> 2022-12-21 11:33:27 - INFO - runqemu - INFO - Host uptime: 1436.86
> 2022-12-21 11:33:27 - INFO -
> 2022-12-21 11:33:27 - INFO - tput: No value for $TERM and no -T specified
> 2022-12-21 11:33:27 - INFO - tput: No value for $TERM and no -T specified
>
> This is the error message. We also have the same issue for n1sdp since the new optee is looking for an SP manifest in FIP..

AFAIK, secure partitions are not enabled by default in OP-TEE. So how
does that get enabled for Qemu? Also, I can see from your patch-set
that you enable secure partitions explicitly for n1sdp.

> Need to create a bbappend or an inc file for qemuarm-secureboot as well where the necessary flags are set. Just left it for now since there are other platforms that use optee 3.18 version. I think this can be fixed relatively easily when all the platforms upgrades to 3.19.

I would suggest that we update Qemu as part of OP-TEE uprev as that is
something which others could test as well as something that can be
tested in CI as well.

I kindly disagree with this :) Normally, there is always an uprev work for components every now and then. Someone pushes a new recipe for the new version and if any platform fails, Maintainers ask platform-maintainers to fix it. At least that's our experience on corstone1000 and it makes sense, to be honest. I think optee uprev work and upgrading other platforms should go separately if it doesn't work out-of-the-box. I.E. Next month, I'll update corstone1000 to optee 3.19, because it doesn't work quite right with the new version. However, this is not related to the new recipe, it's rather related to configurations.

-Sumit

>
> -Emek
>
> > This pins optee-os version to 3.18 for
> > qemuarm-secureboot.
> >
> > Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
> > ---
> >  meta-arm/conf/machine/qemuarm-secureboot.conf   | 3 +++
> >  meta-arm/conf/machine/qemuarm64-secureboot.conf | 3 +++
> >  2 files changed, 6 insertions(+)
> >
> > diff --git a/meta-arm/conf/machine/qemuarm-secureboot.conf b/meta-arm/conf/machine/qemuarm-secureboot.conf
> > index f08b84fe..db02dc68 100644
> > --- a/meta-arm/conf/machine/qemuarm-secureboot.conf
> > +++ b/meta-arm/conf/machine/qemuarm-secureboot.conf
> > @@ -21,3 +21,6 @@ WKS_FILE_DEPENDS = "trusted-firmware-a"
> >  IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
> >
> >  MACHINE_FEATURES += "optee-ftpm"
> > +
> > +PREFERRED_VERSION_optee-os ?= "3.18.%"
> > +
> > diff --git a/meta-arm/conf/machine/qemuarm64-secureboot.conf b/meta-arm/conf/machine/qemuarm64-secureboot.conf
> > index 55c4cab4..7277817d 100644
> > --- a/meta-arm/conf/machine/qemuarm64-secureboot.conf
> > +++ b/meta-arm/conf/machine/qemuarm64-secureboot.conf
> > @@ -23,3 +23,6 @@ WKS_FILE_DEPENDS = "trusted-firmware-a"
> >  IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
> >
> >  MACHINE_FEATURES += "optee-ftpm"
> > +
> > +PREFERRED_VERSION_optee-os ?= "3.18.%"
> > +
> > --
> > 2.17.1
> >
> >
> > -=-=-=-=-=-=-=-=-=-=-=-
> > Links: You receive all messages sent to this group.
> > View/Reply Online (#4220): https://lists.yoctoproject.org/g/meta-arm/message/4220
> > Mute This Topic: https://lists.yoctoproject.org/mt/95807186/1777089
> > Group Owner: meta-arm+owner@lists.yoctoproject.org
> > Unsubscribe: https://lists.yoctoproject.org/g/meta-arm/unsub [sumit.garg@linaro.org]
> > -=-=-=-=-=-=-=-=-=-=-=-
> >
Sumit Garg Dec. 23, 2022, 5:47 a.m. UTC | #4
On Thu, 22 Dec 2022 at 14:12, Emekcan Aras <emekcan.aras@arm.com> wrote:
>
> From: Sumit Garg <sumit.garg@linaro.org>
> Sent: Thursday, December 22, 2022 6:48 AM
> To: Emekcan Aras <Emekcan.Aras@arm.com>
> Cc: meta-arm@lists.yoctoproject.org <meta-arm@lists.yoctoproject.org>; Ross Burton <Ross.Burton@arm.com>; Jon Mason <Jon.Mason@arm.com>; nd <nd@arm.com>
> Subject: Re: [meta-arm] [PATCH 5/5] arm/qemuarm-secureboot: pin optee-os version
>
> On Wed, 21 Dec 2022 at 21:29, Emekcan Aras <Emekcan.Aras@arm.com> wrote:
> >
> >
> >
> > ________________________________
> > From: Sumit Garg <sumit.garg@linaro.org>
> > Sent: Wednesday, December 21, 2022 3:37 PM
> > To: Emekcan Aras <Emekcan.Aras@arm.com>
> > Cc: meta-arm@lists.yoctoproject.org <meta-arm@lists.yoctoproject.org>; Ross Burton <Ross.Burton@arm.com>; Jon Mason <Jon.Mason@arm.com>; nd <nd@arm.com>
> > Subject: Re: [meta-arm] [PATCH 5/5] arm/qemuarm-secureboot: pin optee-os version
> >
> > On Wed, 21 Dec 2022 at 20:10, <emekcan.aras@arm.com> wrote:
> > >
> > > From: Emekcan Aras <emekcan.aras@arm.com>
> > >
> > > There is a new optee version 3.19. Currently, qemuarm-secureboot cannot boot
> > > optee 3.19 out-of-the-box.
> >
> > This sounds strange since Qemu is regularly tested in OP-TEE build CI
> > as well as 3.19 release [1]. Is it really an OP-TEE related issue? Can
> > you share details of the boot error you are observing?
> >
> > [1] https://github.com/OP-TEE/optee_os/commit/afacf356f9593a7f83cae9f96026824ec242ff52
> >
> > -Sumit
> >
> > 2022-12-21 11:33:27 - INFO - E/TC:0 0 Panic 'Failed mapping FIP SPs' at core/arch/arm/kernel/secure_partition.c:1223 <sp_init_all>
>
> This file won't even compile if CFG_SECURE_PARTITION=n which is the
> default configuration. So how does it get enabled for Qemu using
> OP-TEE 3.19?
>
> I don't know. I saw that you've developed the qemu recipes. So hoping that you might answered this :)
> Maybe optee 3.19 set this explicitly. This patchset was already reviewed by maintainers actually and ran on different platforms.
> It could be related to the recipe as well, but as you can see I'm not doing anything complicated there.
>
> > 2022-12-21 11:33:27 - INFO - E/TC:0 0 TEE load address @ 0xcf412000
> > 2022-12-21 11:33:27 - INFO - E/TC:0 0 Call stack:
> > 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf41eb3c
> > 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf42bafc
> > 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf41bd4c
> > 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf42d548
> > 2022-12-21 11:33:27 - INFO - E/TC:0 0 0xcf41e268
> > 2022-12-21 11:33:27 - INFO - runqemu - INFO - SIGTERM received
> > 2022-12-21 11:33:27 - INFO - runqemu - INFO - Cleaning up
> > 2022-12-21 11:33:27 - INFO - runqemu - INFO - Host uptime: 1436.86
> > 2022-12-21 11:33:27 - INFO -
> > 2022-12-21 11:33:27 - INFO - tput: No value for $TERM and no -T specified
> > 2022-12-21 11:33:27 - INFO - tput: No value for $TERM and no -T specified
> >
> > This is the error message. We also have the same issue for n1sdp since the new optee is looking for an SP manifest in FIP..
>
> AFAIK, secure partitions are not enabled by default in OP-TEE. So how
> does that get enabled for Qemu? Also, I can see from your patch-set
> that you enable secure partitions explicitly for n1sdp.
>
> > Need to create a bbappend or an inc file for qemuarm-secureboot as well where the necessary flags are set. Just left it for now since there are other platforms that use optee 3.18 version. I think this can be fixed relatively easily when all the platforms upgrades to 3.19.
>
> I would suggest that we update Qemu as part of OP-TEE uprev as that is
> something which others could test as well as something that can be
> tested in CI as well.
>
> I kindly disagree with this :) Normally, there is always an uprev work for components every now and then.

The general practice is to bump up the component's version rather than
supporting multiple versions. If any bsp layer like meta-arm-bsp has a
different need for a component version then it can stick to an older
version and migrate later.

> Someone pushes a new recipe for the new version and if any platform fails, Maintainers ask platform-maintainers to fix it.

Qemu support is part of the meta-arm layer which has the OP-TEE
recipes too, see:

$ ls meta-arm/conf/machine/
generic-arm64.conf  qemuarm64-secureboot.conf  qemuarm-secureboot.conf
 qemu-generic-arm64.conf

So I would leave it upto meta-arm maintainers to decide here.

-Sumit

> At least that's our experience on corstone1000 and it makes sense, to be honest. I think optee uprev work and upgrading other platforms should go separately if it doesn't work out-of-the-box. I.E. Next month, I'll update corstone1000 to optee 3.19, because it doesn't work quite right with the new version. However, this is not related to the new recipe, it's rather related to configurations.
>
> -Sumit
>
> >
> > -Emek
> >
> > > This pins optee-os version to 3.18 for
> > > qemuarm-secureboot.
> > >
> > > Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
> > > ---
> > >  meta-arm/conf/machine/qemuarm-secureboot.conf   | 3 +++
> > >  meta-arm/conf/machine/qemuarm64-secureboot.conf | 3 +++
> > >  2 files changed, 6 insertions(+)
> > >
> > > diff --git a/meta-arm/conf/machine/qemuarm-secureboot.conf b/meta-arm/conf/machine/qemuarm-secureboot.conf
> > > index f08b84fe..db02dc68 100644
> > > --- a/meta-arm/conf/machine/qemuarm-secureboot.conf
> > > +++ b/meta-arm/conf/machine/qemuarm-secureboot.conf
> > > @@ -21,3 +21,6 @@ WKS_FILE_DEPENDS = "trusted-firmware-a"
> > >  IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
> > >
> > >  MACHINE_FEATURES += "optee-ftpm"
> > > +
> > > +PREFERRED_VERSION_optee-os ?= "3.18.%"
> > > +
> > > diff --git a/meta-arm/conf/machine/qemuarm64-secureboot.conf b/meta-arm/conf/machine/qemuarm64-secureboot.conf
> > > index 55c4cab4..7277817d 100644
> > > --- a/meta-arm/conf/machine/qemuarm64-secureboot.conf
> > > +++ b/meta-arm/conf/machine/qemuarm64-secureboot.conf
> > > @@ -23,3 +23,6 @@ WKS_FILE_DEPENDS = "trusted-firmware-a"
> > >  IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
> > >
> > >  MACHINE_FEATURES += "optee-ftpm"
> > > +
> > > +PREFERRED_VERSION_optee-os ?= "3.18.%"
> > > +
> > > --
> > > 2.17.1
> > >
> > >
> > >
> > >
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#4224): https://lists.yoctoproject.org/g/meta-arm/message/4224
> Mute This Topic: https://lists.yoctoproject.org/mt/95807186/1777089
> Group Owner: meta-arm+owner@lists.yoctoproject.org
> Unsubscribe: https://lists.yoctoproject.org/g/meta-arm/unsub [sumit.garg@linaro.org]
> -=-=-=-=-=-=-=-=-=-=-=-
>
Ross Burton Jan. 5, 2023, 3:31 p.m. UTC | #5
On 23 Dec 2022, at 05:47, Sumit Garg <sumit.garg@linaro.org> wrote:
> 
> Qemu support is part of the meta-arm layer which has the OP-TEE
> recipes too, see:
> 
> $ ls meta-arm/conf/machine/
> generic-arm64.conf  qemuarm64-secureboot.conf  qemuarm-secureboot.conf
> qemu-generic-arm64.conf
> 
> So I would leave it upto meta-arm maintainers to decide here.

I’m definitely no optee expert, but I’d much prefer it if qemuarm64-secureboot was fixed instead of left on the old release.

As there’s no hardware requirement and runqemu works it should be easy to test for someone who knows what the problem actually is.

Ross
diff mbox series

Patch

diff --git a/meta-arm/conf/machine/qemuarm-secureboot.conf b/meta-arm/conf/machine/qemuarm-secureboot.conf
index f08b84fe..db02dc68 100644
--- a/meta-arm/conf/machine/qemuarm-secureboot.conf
+++ b/meta-arm/conf/machine/qemuarm-secureboot.conf
@@ -21,3 +21,6 @@  WKS_FILE_DEPENDS = "trusted-firmware-a"
 IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
 
 MACHINE_FEATURES += "optee-ftpm"
+
+PREFERRED_VERSION_optee-os ?= "3.18.%"
+
diff --git a/meta-arm/conf/machine/qemuarm64-secureboot.conf b/meta-arm/conf/machine/qemuarm64-secureboot.conf
index 55c4cab4..7277817d 100644
--- a/meta-arm/conf/machine/qemuarm64-secureboot.conf
+++ b/meta-arm/conf/machine/qemuarm64-secureboot.conf
@@ -23,3 +23,6 @@  WKS_FILE_DEPENDS = "trusted-firmware-a"
 IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
 
 MACHINE_FEATURES += "optee-ftpm"
+
+PREFERRED_VERSION_optee-os ?= "3.18.%"
+