Hi Tom, On Fri, 3 Oct 2025 at 16:17, Tom Rini <[email protected]> wrote: > > On Fri, Oct 03, 2025 at 12:22:15PM -0700, Raymond Mao wrote: > > > Fetch OP-TEE (4.7.0), TF-A (v2.13.0), MbedTLS (v3.6) and build > > bl1 and fip with both Firmware Handoff and Measured Boot enabled. > > > > Signed-off-by: Raymond Mao <[email protected]> > > --- > > Changes in V2: > > - Move OP-TEE dependencies into the common group. > > - Fetch MbedTLS/TF-A and build bl1/fip in dockerfile instead of > > post-buildman script. > > - Remove Trust Boot related build options. > > > > tools/docker/Dockerfile | 74 +++++++++++++++++++++++++++++++++++++++-- > > 1 file changed, 71 insertions(+), 3 deletions(-) > > > > diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile > > index 5b4c75f8400..0a213a7a61e 100644 > > --- a/tools/docker/Dockerfile > > +++ b/tools/docker/Dockerfile > > @@ -58,6 +58,9 @@ RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ > > RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ > > --mount=type=cache,target=/var/lib/apt,sharing=locked \ > > apt-get update && apt-get install -y \ > > + adb \ > > + acpica-tools \ > > + autoconf \ > > automake \ > > autopoint \ > > bc \ > > @@ -65,21 +68,26 @@ RUN > > --mount=type=cache,target=/var/cache/apt,sharing=locked \ > > bison \ > > build-essential \ > > byacc \ > > + ccache \ > > cgpt \ > > clang-18 \ > > coreutils \ > > cpio \ > > + cscope \ > > curl \ > > device-tree-compiler \ > > dosfstools \ > > e2fsprogs \ > > + e2tools \ > > efitools \ > > erofs-utils \ > > exfatprogs \ > > expect \ > > fakeroot \ > > + fastboot \ > > fdisk \ > > flex \ > > + ftp-upload \ > > gawk \ > > gdisk \ > > gettext \ > > @@ -92,11 +100,20 @@ RUN > > --mount=type=cache,target=/var/cache/apt,sharing=locked \ > > imagemagick \ > > inetutils-telnet \ > > iputils-ping \ > > + libattr1-dev \ > > + libcap-ng-dev \ > > libconfuse-dev \ > > + libfdt-dev \ > > + libftdi-dev \ > > libgit2-dev \ > > libjson-glib-dev \ > > + libglib2.0-dev \ > > + libgmp3-dev \ > > libgnutls28-dev \ > > libgnutls30 \ > > + libhidapi-dev \ > > + libmpc-dev \ > > + libncurses5-dev \ > > libpixman-1-dev \ > > libpython3-dev \ > > libsdl1.2-dev \ > > @@ -110,9 +127,11 @@ RUN > > --mount=type=cache,target=/var/cache/apt,sharing=locked \ > > lz4 \ > > lzma-alone \ > > lzop \ > > + make \ > > mount \ > > mtd-utils \ > > mtools \ > > + netcat \ > > net-tools \ > > ninja-build \ > > openssl \ > > @@ -122,12 +141,16 @@ RUN > > --mount=type=cache,target=/var/cache/apt,sharing=locked \ > > python-is-python3 \ > > python2.7 \ > > python3 \ > > + python3-cryptography \ > > python3-dev \ > > python3-pip \ > > + python3-pyelftools \ > > + python3-serial \ > > python3-sphinx \ > > python3-tomli \ > > python3-venv \ > > rpm2cpio \ > > + rsync \ > > sbsigntool \ > > socat \ > > softhsm2 \ > > @@ -136,13 +159,20 @@ RUN > > --mount=type=cache,target=/var/cache/apt,sharing=locked \ > > sudo \ > > swig \ > > texinfo \ > > + unzip \ > > util-linux \ > > uuid-dev \ > > vboot-kernel-utils \ > > vboot-utils \ > > + wget \ > > + xdg-utils \ > > xilinx-bootgen \ > > + xsltproc \ > > + xterm \ > > xxd \ > > - zip > > + xz-utils \ > > + zip \ > > + zlib1g-dev > > Are some of these deps perhaps optional? I would hope we could build > without cscope and xterm, to pick randomly from the top and bottom of > the list. I ask since everything we add here makes the container larger, > and it's already very big. I'm almost wondering if we should (follow-up, > later) add a step where we remove things that tools we built needed, but > U-Boot doesn't need for build/tests. >
Actually those deps are grep from OP-TEE official docs, but yes, I can find out the ones which are not really necessary and then remove them. Raymond > -- > Tom
