Re: [PATCH 1/5] docker: add OP-TEE build for testing Firmware Handoff

Tue, 16 Sep 2025 11:28:00 -0700 

On Tue, Sep 16, 2025 at 09:14:17AM -0700, Raymond Mao wrote:
> Fetch OP-TEE (4.7.0) and build it with Firmware Handoff enabled.
> 
> Signed-off-by: Raymond Mao <raymond....@linaro.org>
> ---
>  tools/docker/Dockerfile | 77 +++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 77 insertions(+)
> 
> diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile
> index 5b4c75f8400..02a8a2fb37c 100644
> --- a/tools/docker/Dockerfile
> +++ b/tools/docker/Dockerfile
> @@ -54,6 +54,83 @@ RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \
>               wget -O - 
> https://github.com/foss-xtensa/toolchain/releases/download/2020.07/x86_64-2020.07-xtensa-dc233c-elf.tar.gz
>  | tar -C /opt -xz; \
>       fi
>  
> +# Build OP-TEE
> +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
> +    --mount=type=cache,target=/var/lib/apt,sharing=locked \
> +    apt-get update && apt-get install -y \
> +     adb \

Whatever in this list of dependencies that are new for OP-TEE should be
added to the normal list of things we install.

[snip]
> +RUN git clone https://github.com/OP-TEE/optee_os.git /tmp/optee_os && \
> +     cd /tmp/optee_os/ && \
> +     git checkout 4.7.0 && \
> +     make 
> CROSS_COMPILE=/opt/gcc-${TCVER}-nolibc/aarch64-linux/bin/aarch64-linux- \
> +             
> CROSS_COMPILE_core=/opt/gcc-${TCVER}-nolibc/aarch64-linux/bin/aarch64-linux- \
> +             
> CROSS_COMPILE32=/opt/gcc-${TCVER}-nolibc/arm-linux-gnueabi/bin/arm-linux-gnueabi-
>  \
> +             
> CROSS_COMPILE_ta_arm32=/opt/gcc-${TCVER}-nolibc/arm-linux-gnueabi/bin/arm-linux-gnueabi-
>  \
> +             
> CROSS_COMPILE_ta_arm64=/opt/gcc-${TCVER}-nolibc/aarch64-linux/bin/aarch64-linux-
>  \
> +             ARCH=arm \
> +             CFG_ARM64_core=y \
> +             CFG_TRANSFER_LIST=y CFG_MAP_EXT_DT_SECURE=y \
> +             PLATFORM=vexpress-qemu_armv8a CFG_RPMB_FS=y \
> +             CFG_RPMB_FS_DEV_ID=0 CFG_CORE_HEAP_SIZE=524288 
> CFG_RPMB_WRITE_KEY=y \
> +             CFG_CORE_HEAP_SIZE=524288 CFG_CORE_DYN_SHM=y CFG_RPMB_TESTKEY=y 
> \
> +             CFG_RPMB_WRITE_KEY=1 \
> +             CFG_REE_FS=n CFG_CORE_ARM64_PA_BITS=48  \
> +             CFG_TEE_CORE_LOG_LEVEL=4 CFG_TEE_TA_LOG_LEVEL=1 DEBUG=y

And this should be much farther down in the file, near where we build
TF-A and coreboot and everything else, not up top.

-- 
Tom

Attachment: signature.asc
Description: PGP signature

Reply via email to