[Buildroot] [PATCH v3 01/11] boot/ti-k3-core-secdev: new package
Romain Naour
romain.naour at smile.fr
Wed Feb 7 09:52:31 UTC 2024
Hello Dario, All,
Le 18/12/2023 à 09:19, Dario Binacchi a écrit :
> This is a security development package containing tools for
> High-Security(HS) TI K3 platform devices.
>
> Signed-off-by: Dario Binacchi <dario.binacchi at amarulasolutions.com>
> ---
> DEVELOPERS | 1 +
> boot/Config.in | 1 +
> boot/ti-k3-core-secdev/Config.in | 9 +++++++++
> boot/ti-k3-core-secdev/ti-k3-core-secdev.hash | 3 +++
> boot/ti-k3-core-secdev/ti-k3-core-secdev.mk | 19 +++++++++++++++++++
> 5 files changed, 33 insertions(+)
> create mode 100644 boot/ti-k3-core-secdev/Config.in
> create mode 100644 boot/ti-k3-core-secdev/ti-k3-core-secdev.hash
> create mode 100644 boot/ti-k3-core-secdev/ti-k3-core-secdev.mk
>
> diff --git a/DEVELOPERS b/DEVELOPERS
> index 311dcd950481..60a95434c70f 100644
> --- a/DEVELOPERS
> +++ b/DEVELOPERS
> @@ -754,6 +754,7 @@ F: package/xinetd/
> N: Dario Binacchi <dario.binacchi at amarulasolutions.com>
> F: board/bsh/
> F: board/stmicroelectronics/stm32f769-disco/
> +F: boot/ti-k3-core-secdev/
> F: configs/imx8mn_bsh_smm_s2_defconfig
> F: configs/imx8mn_bsh_smm_s2_pro_defconfig
> F: configs/stm32f769_disco_sd_defconfig
> diff --git a/boot/Config.in b/boot/Config.in
> index e5fdf7ad439e..18a7d268f95a 100644
> --- a/boot/Config.in
> +++ b/boot/Config.in
> @@ -20,6 +20,7 @@ source "boot/s500-bootloader/Config.in"
> source "boot/shim/Config.in"
> source "boot/syslinux/Config.in"
> source "boot/ti-k3-boot-firmware/Config.in"
> +source "boot/ti-k3-core-secdev/Config.in"
> source "boot/ti-k3-image-gen/Config.in"
> source "boot/ti-k3-r5-loader/Config.in"
> source "boot/uboot/Config.in"
> diff --git a/boot/ti-k3-core-secdev/Config.in b/boot/ti-k3-core-secdev/Config.in
> new file mode 100644
> index 000000000000..1749b7ab5fd9
> --- /dev/null
> +++ b/boot/ti-k3-core-secdev/Config.in
> @@ -0,0 +1,9 @@
> +config BR2_TARGET_TI_K3_CORE_SECDEV
> + bool "ti-k3-core-secdev"
> + depends on BR2_aarch64
> + help
> + This package downloads and installs development tools for
> + High-Security(HS) TI K3 platforms (which include AM62x,
> + AM64x, AM65x and more).
> +
> + https://git.ti.com/cgit/security-development-tools/core-secdev-k3/
Remove the trailing '/' at the end of the url.
> diff --git a/boot/ti-k3-core-secdev/ti-k3-core-secdev.hash b/boot/ti-k3-core-secdev/ti-k3-core-secdev.hash
> new file mode 100644
> index 000000000000..0460cff6c59f
> --- /dev/null
> +++ b/boot/ti-k3-core-secdev/ti-k3-core-secdev.hash
> @@ -0,0 +1,3 @@
> +# Locally calculated
> +sha256 b6d3bca0d561d055c6869c5564b06f2fb1b9f67e4ef180c2baf8a14a6a6afa06 core-secdev-k3-08.06.00.007.tar.xz
> +sha256 3e5cf4f5ab9f0333f46cd68fabede3f21e55de1a9e3c6ad673f241f4514d8369 k3-secdev-0.2-manifest.html
> diff --git a/boot/ti-k3-core-secdev/ti-k3-core-secdev.mk b/boot/ti-k3-core-secdev/ti-k3-core-secdev.mk
> new file mode 100644
> index 000000000000..0127e6503d4d
> --- /dev/null
> +++ b/boot/ti-k3-core-secdev/ti-k3-core-secdev.mk
> @@ -0,0 +1,19 @@
> +################################################################################
> +#
> +# ti-k3-core-secdev
> +#
> +################################################################################
> +
> +TI_K3_CORE_SECDEV_VERSION = 08.06.00.007
> +TI_K3_CORE_SECDEV_SITE = https://git.ti.com/cgit/security-development-tools/core-secdev-k3/snapshot
> +TI_K3_CORE_SECDEV_SOURCE = core-secdev-k3-$(TI_K3_CORE_SECDEV_VERSION).tar.xz
> +TI_K3_CORE_SECDEV_INSTALL_IMAGES = YES
> +TI_K3_CORE_SECDEV_LICENSE = TI Text File, Apache-2.0
What's the meaning of "TI Text File"?
meta-ti's ti-k3-secdev package use BSD-3-Clause as license:
https://git.yoctoproject.org/meta-ti/tree/meta-ti-bsp/recipes-ti/secdev/ti-k3-secdev_git.bb?h=kirkstone#n4
Can you verify the license?
> +TI_K3_CORE_SECDEV_LICENSE_FILES = k3-secdev-0.2-manifest.html
legal-info doesn't work since this file is under "manifest" directory.
> +
> +define TI_K3_CORE_SECDEV_INSTALL_IMAGES_CMDS
> + cp -dpfr $(@D)/keys $(BINARIES_DIR)/
> + cp -dpfr $(@D)/scripts $(BINARIES_DIR)/
> +endef
I would suggest to create a sub-directory under $(BINARIES_DIR) to avoid any
file conflict.
Best regards,
Romain
> +
> +$(eval $(generic-package))
More information about the buildroot
mailing list