diff mbox series

[3/3] arm-bsp: add git recipe versions

Message ID 20251210163332.66571-3-jon.mason@arm.com
State New
Headers show
Series [1/3] arm-bsp/u-boot: update fvp-base patches | expand

Commit Message

Jon Mason Dec. 10, 2025, 4:33 p.m. UTC 
Add git recipe versions that track the latest git versions of u-boot and
the various OP-TEE recipes.  This, in combination with the previously
existing trusted firmware a and m recipes, allows for using the latest
code in platform development and testing (as part of CI).

For CI usage, a KAS yml file has been created to allow for those recipes
to be used, and an entry for fvp-base has been added to the gitlab CI
yml file.

NOTE: the wildcard for corstone1000 u-boot PREFERRED_VERSION was causing
it to pick-up the newest version (and failing to apply the patches).
The wildcard is unnecessary, since it is using a layer supplied package.
So, remove it and everyone is happy.

Signed-off-by: Jon Mason <jon.mason@arm.com>
---
 .gitlab-ci.yml                                |  3 ++
 ci/latest-revisions.yml                       | 15 +++++++++
 .../conf/machine/include/corstone1000.inc     |  2 +-
 .../recipes-bsp/u-boot/u-boot-fvp-base.inc    |  6 ++++
 ....bbappend => optee-os-tadevkit_%.bbappend} |  0
 ...ee-os_4.%.bbappend => optee-os_%.bbappend} |  0
 ...est_4.%.bbappend => optee-test_%.bbappend} |  0
 meta-arm/recipes-bsp/u-boot/u-boot_%.bbappend |  6 ++++
 .../recipes-security/optee/optee-client.inc   |  5 ++-
 .../optee/optee-client_4.7.0.bb               |  4 ---
 .../optee/optee-client_git.bb                 | 11 +++++++
 .../optee/optee-examples_git.bb               |  8 +++++
 .../optee/optee-os-tadevkit_git.bb            | 32 +++++++++++++++++++
 ...ee-os_4.%.bbappend => optee-os_%.bbappend} |  0
 .../recipes-security/optee/optee-os_git.bb    | 10 ++++++
 .../recipes-security/optee/optee-test_git.bb  | 20 ++++++++++++
 16 files changed, 116 insertions(+), 6 deletions(-)
 create mode 100644 ci/latest-revisions.yml
 rename meta-arm-bsp/recipes-security/optee/{optee-os-tadevkit_4.%.bbappend => optee-os-tadevkit_%.bbappend} (100%)
 rename meta-arm-bsp/recipes-security/optee/{optee-os_4.%.bbappend => optee-os_%.bbappend} (100%)
 rename meta-arm-bsp/recipes-security/optee/{optee-test_4.%.bbappend => optee-test_%.bbappend} (100%)
 create mode 100644 meta-arm/recipes-security/optee/optee-client_git.bb
 create mode 100644 meta-arm/recipes-security/optee/optee-examples_git.bb
 create mode 100644 meta-arm/recipes-security/optee/optee-os-tadevkit_git.bb
 rename meta-arm/recipes-security/optee/{optee-os_4.%.bbappend => optee-os_%.bbappend} (100%)
 create mode 100644 meta-arm/recipes-security/optee/optee-os_git.bb
 create mode 100644 meta-arm/recipes-security/optee/optee-test_git.bb
diff mbox series

Patch

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 4e1dc0e3f91c..095a1addc21b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -209,6 +209,9 @@  fvp-base:
       - FIRMWARE: [u-boot, edk2]
         TESTING: testimage
       - SYSTEMREADY_FIRMWARE: arm-systemready-firmware
+      - KERNEL: linux-yocto-dev
+        LATEST: latest-revisions
+        TESTING: testimage
 
 fvps:
   extends: .build
diff --git a/ci/latest-revisions.yml b/ci/latest-revisions.yml
new file mode 100644
index 000000000000..94d6bc2eadc0
--- /dev/null
+++ b/ci/latest-revisions.yml
@@ -0,0 +1,15 @@ 
+# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
+
+header:
+  version: 14
+
+local_conf_header:
+  latest_revisions: |
+    PREFERRED_VERSION_trusted-firmware-a ?= "git"
+    PREFERRED_VERSION_trusted-firmware-m ?= "git"
+    PREFERRED_VERSION_optee-client ?= "git"
+    PREFERRED_VERSION_optee-examples ?= "git"
+    PREFERRED_VERSION_optee-os-tadevkit ?= "git"
+    PREFERRED_VERSION_optee-os ?= "git"
+    PREFERRED_VERSION_optee-test ?= "git"
+    PREFERRED_PROVIDER_u-boot = "u-boot:class-devupstream"
diff --git a/meta-arm-bsp/conf/machine/include/corstone1000.inc b/meta-arm-bsp/conf/machine/include/corstone1000.inc
index 09468c7c0fa4..6f5127b67855 100644
--- a/meta-arm-bsp/conf/machine/include/corstone1000.inc
+++ b/meta-arm-bsp/conf/machine/include/corstone1000.inc
@@ -26,7 +26,7 @@  TS_SP_SE_PROXY_CONFIG = "corstone1000"
 MACHINE_FEATURES += "ts-smm-gateway ts-se-proxy"
 
 # U-Boot
-PREFERRED_VERSION_u-boot ?= "2025.04%"
+PREFERRED_VERSION_u-boot ?= "2025.04"
 MACHINE_FEATURES += "efi"
 EFI_PROVIDER ?= "grub-efi"
 
diff --git a/meta-arm-bsp/recipes-bsp/u-boot/u-boot-fvp-base.inc b/meta-arm-bsp/recipes-bsp/u-boot/u-boot-fvp-base.inc
index e7f2287797b6..44b98f8fca7e 100644
--- a/meta-arm-bsp/recipes-bsp/u-boot/u-boot-fvp-base.inc
+++ b/meta-arm-bsp/recipes-bsp/u-boot/u-boot-fvp-base.inc
@@ -6,3 +6,9 @@  SRC_URI:append = " \
     file://0002-arm-vexpress64-Enable-SYSRESET-and-SYSRESET_PSCI.patch \
     file://0003-vexpress64-Imply-CONFIG_ARM64_CRC32-by-default.patch \
     "
+
+# Remove backported patches from latest version
+SRC_URI:remove:class-devupstream = " \
+    file://0001-vexpress64-Set-the-DM_RNG-property.patch \
+    file://0002-arm-vexpress64-Enable-SYSRESET-and-SYSRESET_PSCI.patch \
+    "
diff --git a/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_4.%.bbappend b/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_%.bbappend
similarity index 100%
rename from meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_4.%.bbappend
rename to meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_%.bbappend
diff --git a/meta-arm-bsp/recipes-security/optee/optee-os_4.%.bbappend b/meta-arm-bsp/recipes-security/optee/optee-os_%.bbappend
similarity index 100%
rename from meta-arm-bsp/recipes-security/optee/optee-os_4.%.bbappend
rename to meta-arm-bsp/recipes-security/optee/optee-os_%.bbappend
diff --git a/meta-arm-bsp/recipes-security/optee/optee-test_4.%.bbappend b/meta-arm-bsp/recipes-security/optee/optee-test_%.bbappend
similarity index 100%
rename from meta-arm-bsp/recipes-security/optee/optee-test_4.%.bbappend
rename to meta-arm-bsp/recipes-security/optee/optee-test_%.bbappend
diff --git a/meta-arm/recipes-bsp/u-boot/u-boot_%.bbappend b/meta-arm/recipes-bsp/u-boot/u-boot_%.bbappend
index 8542ccfc9084..8ddc53619560 100644
--- a/meta-arm/recipes-bsp/u-boot/u-boot_%.bbappend
+++ b/meta-arm/recipes-bsp/u-boot/u-boot_%.bbappend
@@ -4,3 +4,9 @@  SRC_URI:append:qemuarm64-secureboot = " file://qemuarm64.cfg"
 SRC_URI:append:qemuarm-secureboot = " file://qemuarm.cfg"
 
 require ${@bb.utils.contains('MACHINE_FEATURES', 'uefi-secureboot', 'u-boot-uefi-secureboot.inc', '', d)}
+
+# Work some magic here for devupstream
+BBCLASSEXTEND = "devupstream:target"
+SRC_URI:class-devupstream = "git://source.denx.de/u-boot/u-boot.git;protocol=https;branch=master"
+# tag: v2026.01-rc2
+SRCREV:class-devupstream = "365a7079fb918643da0f0709660a7d8ea76dd6f3"
diff --git a/meta-arm/recipes-security/optee/optee-client.inc b/meta-arm/recipes-security/optee/optee-client.inc
index 0c3aefbb6c36..4d3d83da4521 100644
--- a/meta-arm/recipes-security/optee/optee-client.inc
+++ b/meta-arm/recipes-security/optee/optee-client.inc
@@ -5,7 +5,10 @@  HOMEPAGE = "https://www.op-tee.org/"
 LICENSE = "BSD-2-Clause"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b"
 
-inherit systemd update-rc.d cmake useradd
+inherit systemd update-rc.d cmake useradd pkgconfig
+
+DEPENDS += "util-linux"
+EXTRA_OEMAKE += "PKG_CONFIG=pkg-config"
 
 SRC_URI = " \
     git://github.com/OP-TEE/optee_client.git;branch=master;protocol=https \
diff --git a/meta-arm/recipes-security/optee/optee-client_4.7.0.bb b/meta-arm/recipes-security/optee/optee-client_4.7.0.bb
index 00f829e18bfb..2fb157dfec81 100644
--- a/meta-arm/recipes-security/optee/optee-client_4.7.0.bb
+++ b/meta-arm/recipes-security/optee/optee-client_4.7.0.bb
@@ -3,7 +3,3 @@  require recipes-security/optee/optee-client.inc
 # v4.7.0
 SRCREV = "23c112a6f05cc5e39bd4aaf52ad515cad532237d"
 SRC_URI += "file://0001-tee-supplicant-update-udev-systemd-install-code.patch"
-
-inherit pkgconfig
-DEPENDS += "util-linux"
-EXTRA_OEMAKE += "PKG_CONFIG=pkg-config"
diff --git a/meta-arm/recipes-security/optee/optee-client_git.bb b/meta-arm/recipes-security/optee/optee-client_git.bb
new file mode 100644
index 000000000000..9c1c622fb82f
--- /dev/null
+++ b/meta-arm/recipes-security/optee/optee-client_git.bb
@@ -0,0 +1,11 @@ 
+require recipes-security/optee/optee-client.inc
+
+# v4.8.0
+SRCREV = "9d6f69844ff60ec0966cf3659abcc38eda8b31ea"
+PV .= "+git"
+
+FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
+SRC_URI += "file://0001-tee-supplicant-update-udev-systemd-install-code.patch"
+
+# Not a release recipe, try our hardest to not pull this in implicitly
+DEFAULT_PREFERENCE = "-1"
diff --git a/meta-arm/recipes-security/optee/optee-examples_git.bb b/meta-arm/recipes-security/optee/optee-examples_git.bb
new file mode 100644
index 000000000000..e0c85660a8a3
--- /dev/null
+++ b/meta-arm/recipes-security/optee/optee-examples_git.bb
@@ -0,0 +1,8 @@ 
+require recipes-security/optee/optee-examples.inc
+
+# v4.8.0
+SRCREV = "3ef17eb1f309def91113637f95f67613b1d89119"
+PV .= "+git"
+
+# Not a release recipe, try our hardest to not pull this in implicitly
+DEFAULT_PREFERENCE = "-1"
diff --git a/meta-arm/recipes-security/optee/optee-os-tadevkit_git.bb b/meta-arm/recipes-security/optee/optee-os-tadevkit_git.bb
new file mode 100644
index 000000000000..78588b8111f4
--- /dev/null
+++ b/meta-arm/recipes-security/optee/optee-os-tadevkit_git.bb
@@ -0,0 +1,32 @@ 
+require recipes-security/optee/optee-os_${PV}.bb
+
+SUMMARY = "OP-TEE Trusted OS TA devkit"
+DESCRIPTION = "OP-TEE TA devkit for build TAs"
+HOMEPAGE = "https://www.op-tee.org/"
+
+DEPENDS += "python3-pycryptodome-native"
+
+do_install() {
+    #install TA devkit
+    install -d ${D}${includedir}/optee/export-user_ta/
+    for f in ${B}/export-ta_${OPTEE_ARCH}/* ; do
+        cp -aR $f ${D}${includedir}/optee/export-user_ta/
+    done
+}
+
+do_deploy() {
+	echo "Do not inherit do_deploy from optee-os."
+}
+
+FILES:${PN} = "${includedir}/optee/"
+
+# Build paths are currently embedded
+INSANE_SKIP:${PN}-dev += "buildpaths"
+
+# Include extra headers needed by SPMC tests to TA DEVKIT.
+# Supported after op-tee v3.20
+EXTRA_OEMAKE:append = "${@bb.utils.contains('MACHINE_FEATURES', 'optee-spmc-test', \
+                                        ' CFG_SPMC_TESTS=y', '' , d)}"
+
+# Not a release recipe, try our hardest to not pull this in implicitly
+DEFAULT_PREFERENCE = "-1"
diff --git a/meta-arm/recipes-security/optee/optee-os_4.%.bbappend b/meta-arm/recipes-security/optee/optee-os_%.bbappend
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os_4.%.bbappend
rename to meta-arm/recipes-security/optee/optee-os_%.bbappend
diff --git a/meta-arm/recipes-security/optee/optee-os_git.bb b/meta-arm/recipes-security/optee/optee-os_git.bb
new file mode 100644
index 000000000000..244ff9b71877
--- /dev/null
+++ b/meta-arm/recipes-security/optee/optee-os_git.bb
@@ -0,0 +1,10 @@ 
+require recipes-security/optee/optee-os.inc
+
+DEPENDS += "dtc-native"
+
+# v4.8.0
+SRCREV = "86660925433a8d4d1b19cfa5fe940081d77b34b4"
+PV .= "+git"
+
+# Not a release recipe, try our hardest to not pull this in implicitly
+DEFAULT_PREFERENCE = "-1"
diff --git a/meta-arm/recipes-security/optee/optee-test_git.bb b/meta-arm/recipes-security/optee/optee-test_git.bb
new file mode 100644
index 000000000000..d29333905865
--- /dev/null
+++ b/meta-arm/recipes-security/optee/optee-test_git.bb
@@ -0,0 +1,20 @@ 
+require recipes-security/optee/optee-test.inc
+
+# v4.8.0
+SRCREV = "6569cd7b13e1b37b37069e090d592adca7d3926d"
+PV .= "+git"
+
+LIC_FILES_CHKSUM = "file://LICENSE.md;md5=a8fa504109e4cd7ea575bc49ea4be560"
+
+# Include ffa_spmc test group if the SPMC test is enabled.
+# Supported after op-tee v3.20
+EXTRA_OEMAKE:append = "${@bb.utils.contains('MACHINE_FEATURES', 'optee-spmc-test', \
+                                        ' CFG_SPMC_TESTS=y CFG_SECURE_PARTITION=y', '' , d)}"
+
+RDEPENDS:${PN} += "${@bb.utils.contains('MACHINE_FEATURES', 'optee-spmc-test', \
+                                              ' arm-ffa-user', '' , d)}"
+
+# Not a release recipe, try our hardest to not pull this in implicitly
+DEFAULT_PREFERENCE = "-1"
+
+CFLAGS += "-Wno-error=unterminated-string-initialization"