On Fri, Feb 10, 2023 at 01:55:24PM -0600, Andrew Davis wrote:
> On 2/10/23 1:05 PM, Denys Dmytriyenko wrote:
> >On Fri, Feb 10, 2023 at 12:56:20PM -0600, Andrew Davis wrote:
> >>On 2/10/23 12:51 PM, Denys Dmytriyenko wrote:
> >>>On Wed, Feb 08, 2023 at 05:10:28PM -0600, Andrew Davis via
> >>>lists.yoctoproject.org wrote:
> >>>>Use the new ti-k3-secdev package to pull in the signing tools if they are
> >>>>not provided by the environment. This allows us to use these tools
> >>>>unconditionally. Remove the checks for the script and do the signing
> >>>>for all K3 machines. The signature is automatically stripped from
> >>>>the binaries on non-HS devices at boot time as needed so this change
> >>>>is harmless for GP devices.
> >>>>
> >>>>Signed-off-by: Andrew Davis <[email protected]>
> >>>>---
> >>>> .../trusted-firmware-a_%.bbappend | 43 ++++++-------------
> >>>> 1 file changed, 12 insertions(+), 31 deletions(-)
> >>>>
> >>>>diff --git
> >>>>a/meta-ti-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend
> >>>>
> >>>>b/meta-ti-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend
> >>>>index 5acc5c2e..95f1d2d9 100644
> >>>>---
> >>>>a/meta-ti-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend
> >>>>+++
> >>>>b/meta-ti-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend
> >>>>@@ -6,39 +6,20 @@ TFA_BUILD_TARGET:k3 = "all"
> >>>> TFA_INSTALL_TARGET:k3 = "bl31"
> >>>> TFA_SPD:k3 = "opteed"
> >>>>+# Use default package TI SECDEV is one is not provided
> >>>
> >>>typo - *if* one is not provided
> >>>
> >>
> >>Good catch
> >>
> >>>
> >>>>+DEPENDS:append:k3 = "${@ '' if d.getVar('TI_SECURE_DEV_PKG_K3') else '
> >>>>ti-k3-secdev-native' }"
> >>>>+
> >>>>+# Set a default value for TI_K3_SECDEV_INSTALL_DIR
> >>>>+export TI_K3_SECDEV_INSTALL_DIR =
> >>>>"${STAGING_DIR_NATIVE}${datadir}/ti/ti-k3-secdev"
> >>>>+include recipes-ti/includes/ti-paths.inc
> >>>
> >>>If you set TI_K3_SECDEV_INSTALL_DIR explicitly, why do you need to include
> >>>ti-paths.inc here?
> >>>
> >>
> >>ti-paths.inc is part of meta-ti-extras which might not be included in one's
> >>layer stack.
> >>If not, this is a sane default, but ti-paths.inc can still override that
> >>path if available.
> >
> >No, we shouldn't be using ti-paths.inc here at all. The file was mostly used
> >by RTOS components back when they were built from sources. That is now only
> >used on some legacy platforms. Eventually it will be removed, no reason to
> >start using the file for K3 SECDEV. Just come up with the proper default
> >(something other than ${datadir}...) and be done with it, right?
> >
>
> I'm thinking ${datadir} is the right spot, do you have another spot in mind?
Hmm, I don't oppose that heavily against ${datadir}... I guess if we were
introducing SECDEV for the first time, I'd argue we should install scripts
into ${bindir} and everything else into ${datadir} or something more FHS
complieant? But I guess in order to keep the legacy setup of TI_SECURE_DEV_PKG
passed through environment working as is, changing directory structure is out
of the question now.
--
Denys
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#15810):
https://lists.yoctoproject.org/g/meta-ti/message/15810
Mute This Topic: https://lists.yoctoproject.org/mt/96842456/21656
Group Owner: [email protected]
Unsubscribe:
https://lists.yoctoproject.org/g/meta-ti/leave/6695321/21656/1393940836/xyzzy
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
