From patchwork Tue Apr 30 12:37:27 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mikko Rapeli
X-Patchwork-Id: 42949
From: Mikko Rapeli
To: meta-arm@lists.yoctoproject.org
Cc: Mikko Rapeli
Subject: [PATCH 1/6] trusted-firmware-a: continue if TPM device is missing
Date: Tue, 30 Apr 2024 15:37:27 +0300
Message-Id: <20240430123732.534277-2-mikko.rapeli@linaro.org>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20240430123732.534277-1-mikko.rapeli@linaro.org>
References: <20240430123732.534277-1-mikko.rapeli@linaro.org>
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5642

All other firmware boot components also continue booting if TPM is not found. It is up to subsequent SW components to e.g. fail if rootfs can't be decrypted. Enables policies like fall back to unencrypted rootfs if TPM device is not found with qemu and swtpm.

Signed-off-by: Mikko Rapeli
---
 ...ot.c-ignore-TPM-error-and-continue-w.patch | 36 +++++++++++++++++++
 .../trusted-firmware-a_2.10.3.bb | 5 +++
 2 files changed, 41 insertions(+)
 create mode 100644 meta-arm/recipes-bsp/trusted-firmware-a/files/0001-qemu_measured_boot.c-ignore-TPM-error-and-continue-w.patch

diff --git a/meta-arm/recipes-bsp/trusted-firmware-a/files/0001-qemu_measured_boot.c-ignore-TPM-error-and-continue-w.patch b/meta-arm/recipes-bsp/trusted-firmware-a/files/0001-qemu_measured_boot.c-ignore-TPM-error-and-continue-w.patch new file mode 100644 index 00000000..2d189d8e --- /dev/null +++ b/meta-arm/recipes-bsp/trusted-firmware-a/files/0001-qemu_measured_boot.c-ignore-TPM-error-and-continue-w.patch
@@ -0,0 +1,36 @@ +From 1d1425bde8435d6e2b3e4f2b7bcb2eb293ef9601 Mon Sep 17 00:00:00 2001 +From: Mikko Rapeli +Date: Mon, 15 Jan 2024 09:26:56 +0000 +Subject: [PATCH] qemu_measured_boot.c: ignore TPM error and continue with boot + +If firmware is configured with TPM support but it's missing +on HW, e.g. swtpm not started and/or configured with qemu, +then continue booting. Missing TPM is not a fatal error. +Enables testing boot without TPM device to see that +missing TPM is detected further up the SW stack and correct +fallback actions are taken. + +Upstream-Status: Pending + +Signed-off-by: Mikko Rapeli +--- + plat/qemu/qemu/qemu_measured_boot.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/plat/qemu/qemu/qemu_measured_boot.c b/plat/qemu/qemu/qemu_measured_boot.c +index 122bb23b14..731b081c47 100644 +--- a/plat/qemu/qemu/qemu_measured_boot.c ++++ b/plat/qemu/qemu/qemu_measured_boot.c +@@ -79,7 +79,8 @@ void bl2_plat_mboot_finish(void) + * Note: In QEMU platform, OP-TEE uses nt_fw_config to get the + * secure Event Log buffer address. + */ +- panic(); ++ ERROR("Ignoring TPM errors, continuing without\n"); ++ return; + } + + /* Copy Event Log to Non-secure memory */ +-- +2.34.1 + diff --git a/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.3.bb b/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.3.bb index b30ac725..13942dbb 100644 --- a/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.3.bb +++ b/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.10.3.bb 
@@ -11,3 +11,8 @@ SRC_URI_MBEDTLS = "git://github.com/ARMmbed/mbedtls.git;name=mbedtls;protocol=ht SRCREV_mbedtls = "72718dd87e087215ce9155a826ee5a66cfbe9631" LIC_FILES_CHKSUM_MBEDTLS = "file://mbedtls/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" + +# continue to boot also without TPM +SRC_URI += "\ + file://0001-qemu_measured_boot.c-ignore-TPM-error-and-continue-w.patch \ +"

From patchwork Tue Apr 30 12:37:28 2024
X-Patchwork-Submitter: Mikko Rapeli
X-Patchwork-Id: 42950
From: Mikko Rapeli
To: meta-arm@lists.yoctoproject.org
Cc: Mikko Rapeli
Subject: [PATCH 2/6] optee-os: increase heap size with fTPM
Date: Tue, 30 Apr 2024 15:37:28 +0300
Message-Id: <20240430123732.534277-3-mikko.rapeli@linaro.org>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20240430123732.534277-1-mikko.rapeli@linaro.org>
References: <20240430123732.534277-1-mikko.rapeli@linaro.org>
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5643

If firmware TPM TA is compiled into optee, it needs a bit more heap to pass optee-test/xtest suite.

Signed-off-by: Mikko Rapeli
---
 .../optee-ftpm/optee-os_%.bbappend | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/meta-arm/recipes-security/optee-ftpm/optee-os_%.bbappend b/meta-arm/recipes-security/optee-ftpm/optee-os_%.bbappend index 4829bc10..31be0e8f 100644 --- a/meta-arm/recipes-security/optee-ftpm/optee-os_%.bbappend +++ b/meta-arm/recipes-security/optee-ftpm/optee-os_%.bbappend
@@ -1,15 +1,11 @@ FTPM_UUID="bc50d971-d4c9-42c4-82cb-343fb7f37896" DEPENDS:append = "\ - ${@bb.utils.contains('MACHINE_FEATURES', \ - 'optee-ftpm', \ - 'optee-ftpm', \ - '' , \ - d)}" + ${@bb.utils.contains('MACHINE_FEATURES', 'optee-ftpm', 'optee-ftpm', '' , d)} \ +" EXTRA_OEMAKE:append = "\ - ${@bb.utils.contains('MACHINE_FEATURES', \ - 'optee-ftpm', \ - 'CFG_EARLY_TA=y EARLY_TA_PATHS="${STAGING_DIR_TARGET}/${base_libdir}/optee_armtz/${FTPM_UUID}.stripped.elf"', \ - '', \ - d)} " + ${@bb.utils.contains('MACHINE_FEATURES', 'optee-ftpm', \ + 'CFG_CORE_HEAP_SIZE=131072 CFG_EARLY_TA=y EARLY_TA_PATHS="${STAGING_DIR_TARGET}/${base_libdir}/optee_armtz/${FTPM_UUID}.stripped.elf"', \ + '', d)} \ +"

From patchwork Tue Apr 30 12:37:29 2024
X-Patchwork-Submitter: Mikko Rapeli
X-Patchwork-Id: 42952
From: Mikko Rapeli
To: meta-arm@lists.yoctoproject.org
Cc: Mikko Rapeli
Subject: [PATCH 3/6] oeqa runtime: add optee.py test
Date: Tue, 30 Apr 2024 15:37:29 +0300
Message-Id: <20240430123732.534277-4-mikko.rapeli@linaro.org>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20240430123732.534277-1-mikko.rapeli@linaro.org>
References: <20240430123732.534277-1-mikko.rapeli@linaro.org>
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5644

The test runs xtest test suite from optee-tests package.

Signed-off-by: Mikko Rapeli
---
 meta-arm/lib/oeqa/runtime/cases/optee.py | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 meta-arm/lib/oeqa/runtime/cases/optee.py

diff --git a/meta-arm/lib/oeqa/runtime/cases/optee.py b/meta-arm/lib/oeqa/runtime/cases/optee.py new file mode 100644 index 00000000..0a0bc31e --- /dev/null +++ b/meta-arm/lib/oeqa/runtime/cases/optee.py
@@ -0,0 +1,24 @@ +# +# SPDX-License-Identifier: MIT +# + +import os + +from oeqa.runtime.case import OERuntimeTestCase +from oeqa.runtime.decorator.package import OEHasPackage +from oeqa.core.decorator.oetimeout import OETimeout + +class OpteeTestSuite(OERuntimeTestCase): + """ + Run OP-TEE tests (xtest). + """ + @OETimeout(800) + @OEHasPackage(['optee-test']) + def test_opteetest_xtest(self): + # clear storage before executing tests + cmd = "xtest --clear-storage || true" + status, output = self.target.run(cmd, timeout=60) + self.assertEqual(status, 0, msg='\n'.join([cmd, output])) + cmd = "xtest" + status, output = self.target.run(cmd, timeout=600) + self.assertEqual(status, 0, msg='\n'.join([cmd, output]))

From patchwork Tue Apr 30 12:37:30 2024
X-Patchwork-Submitter: Mikko Rapeli
X-Patchwork-Id: 42951
From: Mikko Rapeli
To: meta-arm@lists.yoctoproject.org
Cc: Mikko Rapeli
Subject: [PATCH 4/6] oeqa runtime: add ftpm.py test
Date: Tue, 30 Apr 2024 15:37:30 +0300
Message-Id: <20240430123732.534277-5-mikko.rapeli@linaro.org>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20240430123732.534277-1-mikko.rapeli@linaro.org>
References: <20240430123732.534277-1-mikko.rapeli@linaro.org>
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5645

Test checks that ftpm kernel driver interfaces are available. If fTPM optee TA is missing or crashes, the kernel driver does not show the interfaces. A more functional test would be to use tpm2-tools from meta-security/meta-tpm but those require additional layer dependencies which are maybe too much for now. tpm2-tools also depend on starting tpm2-abrmd before the tools work.

The ftpm kernel driver depends on fully running tee-supplicant in userspace and the optee side ftpm TA which takes some time. When manually running the tests some of them failed since ftpm was not yet initialized. The boot was not complete in those cases so added a workaround for that. Better would be for all of the tests to start only once boot is complete, not when ssh is available.

Also, the qemuarm64-secureboot machine includes optee and ftpm TA but u-boot is not configured to use the TPM device so boot is not measured.

Signed-off-by: Mikko Rapeli
---
 meta-arm/lib/oeqa/runtime/cases/ftpm.py | 41 +++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 meta-arm/lib/oeqa/runtime/cases/ftpm.py

diff --git a/meta-arm/lib/oeqa/runtime/cases/ftpm.py b/meta-arm/lib/oeqa/runtime/cases/ftpm.py new file mode 100644 index 00000000..1fd3cf88 --- /dev/null +++ b/meta-arm/lib/oeqa/runtime/cases/ftpm.py
@@ -0,0 +1,41 @@ +# +# SPDX-License-Identifier: MIT +# + +import os + +from oeqa.runtime.case import OERuntimeTestCase +from oeqa.core.decorator.oetimeout import OETimeout + +class FtpmTestSuite(OERuntimeTestCase): + """ + Minimal test for optee-ftpm and ftpm kernel driver interfaces + """ + @OETimeout(200) + def test_ftpm(self): + # device files, need tee-supplicant fully initialized which takes some time + # and tests seem to run before boot is complete + cmd = "ls -l /dev/tpm0 /dev/tpmrm0 || ( runlevel; sleep 10; ls -l /dev/tpm0 /dev/tpmrm0 )" + status, output = self.target.run(cmd, timeout=60) + self.assertEqual(status, 0, msg='\n'.join([cmd, output])) + + # tpm version + cmd = "cat /sys/class/tpm/tpm0/tpm_version_major" + status, output = self.target.run(cmd, timeout=60) + self.assertEqual(status, 0, msg='\n'.join([cmd, output])) + self.assertEqual(output, "2", msg='\n'.join([cmd, output])) + + # sha384 pcrs + cmd = 'for c in $(seq 0 23); do cat /sys/class/tpm/tpm0/pcr-sha384/"${c}"; done' + status, output = self.target.run(cmd, timeout=60) + self.assertEqual(status, 0, msg='\n'.join([cmd, output])) + + # sha256 pcrs + cmd = 'for c in $(seq 0 23); do cat /sys/class/tpm/tpm0/pcr-sha256/"${c}"; done' + status, output = self.target.run(cmd, timeout=60) + self.assertEqual(status, 0, msg='\n'.join([cmd, output])) + + # sha1 pcrs + cmd = 'for c in $(seq 0 23); do cat /sys/class/tpm/tpm0/pcr-sha1/"${c}"; done' + status, output = self.target.run(cmd, timeout=60) + self.assertEqual(status, 0, msg='\n'.join([cmd, output]))

From patchwork Tue Apr 30 12:37:31 2024
X-Patchwork-Submitter: Mikko Rapeli
X-Patchwork-Id: 42948
From: Mikko Rapeli
To: meta-arm@lists.yoctoproject.org
Cc: Mikko Rapeli
Subject: [PATCH 5/6] ci/qemuarm64-secureboot.yml: install optee and test both optee and ftpm
Date: Tue, 30 Apr 2024 15:37:31 +0300
Message-Id: <20240430123732.534277-6-mikko.rapeli@linaro.org>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20240430123732.534277-1-mikko.rapeli@linaro.org>
References: <20240430123732.534277-1-mikko.rapeli@linaro.org>
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5646

optee-os test xtest needs additional test trusted applications (TA) from optee-os-ta package to pass.

Execution time for ftpm test is around 18 seconds and 430 seconds for optee-test/xtest on an x86_64 build machine.

Signed-off-by: Mikko Rapeli
---
 ci/qemuarm64-secureboot.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/ci/qemuarm64-secureboot.yml b/ci/qemuarm64-secureboot.yml index c4943cb6..bfd482b9 100644 --- a/ci/qemuarm64-secureboot.yml +++ b/ci/qemuarm64-secureboot.yml
@@ -7,6 +7,8 @@ machine: qemuarm64-secureboot target: - core-image-base - - optee-examples - - optee-test - - optee-os-tadevkit + +local_conf_header: + optee: | + IMAGE_INSTALL:append = " optee-test optee-client optee-os-ta" + TEST_SUITES:append = " optee ftpm"

From patchwork Tue Apr 30 12:37:32 2024
X-Patchwork-Submitter: Mikko Rapeli
X-Patchwork-Id: 42953
From: Mikko Rapeli
To: meta-arm@lists.yoctoproject.org
Cc: Mikko Rapeli
Subject: [PATCH 6/6] ci/qemuarm-secureboot.yml: install optee and test both optee and ftpm
Date: Tue, 30 Apr 2024 15:37:32 +0300
Message-Id: <20240430123732.534277-7-mikko.rapeli@linaro.org>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20240430123732.534277-1-mikko.rapeli@linaro.org>
References: <20240430123732.534277-1-mikko.rapeli@linaro.org>
X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5647

optee-os test xtest needs additional test trusted applications (TA) from optee-os-ta package to pass.

Execution time for ftpm test is around 21 seconds and 596 seconds for optee-test/xtest on an x86_64 build machine.

Signed-off-by: Mikko Rapeli
---
 ci/qemuarm-secureboot.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/ci/qemuarm-secureboot.yml b/ci/qemuarm-secureboot.yml index 97e99039..f0d136c8 100644 --- a/ci/qemuarm-secureboot.yml +++ b/ci/qemuarm-secureboot.yml
@@ -7,6 +7,8 @@ machine: qemuarm-secureboot target: - core-image-base - - optee-examples - - optee-test - - optee-os-tadevkit + +local_conf_header: + optee: | + IMAGE_INSTALL:append = " optee-test optee-client optee-os-ta" + TEST_SUITES:append = " optee ftpm"
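
Review bot: the return that replaces panic() in bl2_plat_mboot_finish() ([PATCH 1/6], plat/qemu/qemu/qemu_measured_boot.c) is unconditional and also skips the "Copy Event Log to Non-secure memory" step that follows it, so a firmware built with measured boot now continues with no event log handed on and only one ERROR() line to show for it. The retained comment says this branch concerns OP-TEE getting the secure Event Log buffer address from nt_fw_config, while the new message says "Ignoring TPM errors"; the message should name the failure that was actually hit. Since this turns a fail-closed path into a fail-open one, consider putting it behind a build option that keeps panic() as the default, so that only the test configurations described in the commit message opt in.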
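
Review bot: the SRC_URI += added at the end of trusted-firmware-a_2.10.3.bb ([PATCH 1/6]) applies the patch for every machine that builds this recipe, although the patched file is plat/qemu/qemu/qemu_measured_boot.c and the stated purpose is testing with qemu and swtpm. Consider a machine-specific override for the qemu machines, and extend the "# continue to boot also without TPM" comment to say that the patch removes a panic() from measured boot and is Upstream-Status: Pending.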
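
Review bot: CFG_CORE_HEAP_SIZE=131072 in the new EXTRA_OEMAKE:append ([PATCH 2/6], optee-os_%.bbappend) is an unexplained literal buried in a long quoted string; add a comment saying where the value comes from (the commit message only says "a bit more heap" for xtest) or move it to a variable that a machine configuration can override. The same hunk also re-wraps both bb.utils.contains() calls; doing that in a separate commit would leave the heap size as the only visible functional change.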
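
Review bot: the assertEqual(status, 0, ...) that follows cmd = "xtest --clear-storage || true" in test_opteetest_xtest ([PATCH 3/6], optee.py) cannot fail on the xtest result, because "|| true" forces the shell status to 0; either drop "|| true" or drop the assertion and state in the comment that a failure to clear storage is tolerated. The timeout=600 on the full xtest run is also tight: the [PATCH 6/6] commit message reports 596 seconds on qemuarm, which leaves about 4 seconds of margin. The "import os" line is unused.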
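
Review bot: the three PCR loops in test_ftpm ([PATCH 4/6], ftpm.py), each of the form 'for c in $(seq 0 23); do cat .../"${c}"; done', return the exit status of the last cat only, so an unreadable or missing PCR 0 to 22 still gives status 0 and the assertion passes; add "|| exit 1" after the cat so the first failure is reported. The device node check retries exactly once after a fixed "sleep 10"; a bounded polling loop would be less sensitive to boot time than a single retry, given that the commit message says the tests can start before boot is complete. The "import os" line is unused here as well.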
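
Review bot: removing optee-examples and optee-os-tadevkit from the target list ([PATCH 5/6], ci/qemuarm64-secureboot.yml) drops them from this CI build, because the new IMAGE_INSTALL:append names only optee-test, optee-client and optee-os-ta; the commit message explains the added optee-os-ta but not the two removals. If the loss of build coverage is intended, say so in the commit message; otherwise keep them as targets next to core-image-base.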
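
Review bot: the local_conf_header block added to ci/qemuarm-secureboot.yml ([PATCH 6/6]) is an exact copy of the one added to ci/qemuarm64-secureboot.yml in [PATCH 5/6], including the same removal of optee-examples and optee-os-tadevkit from the target list. If the CI configuration format allows a shared fragment, define the IMAGE_INSTALL:append and TEST_SUITES:append lines once and reference them from both files, so that the two secureboot configurations cannot drift apart.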