Add recipe for optee TA devkit

The TA dev kit is used to build trusted applications, details refer to
[1]. A typical use case of this devkit is a firmware TPM reference
implementation, see [2].

1. https://optee.readthedocs.io/en/3.21.0/building/trusted_applications.html
2. https://github.com/microsoft/ms-tpm-20-ref

This brings the .inc for customization, and also an example for
stm32mp15x.

Signed-off-by: Baocheng Su <baocheng.su@siemens.com>

meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.bb

@@ -1,29 +1,8 @@
 #
-# Copyright (c) Siemens AG, 2020
+# Copyright (c) Siemens AG, 2020-2023
 #
 # SPDX-License-Identifier: MIT
 
 require recipes-bsp/optee-os/optee-os-custom.inc
+require optee-os-stm32mp15x_${PV}.inc
 
-SRC_URI += "https://github.com/OP-TEE/optee_os/archive/${PV}.tar.gz"
-SRC_URI[sha256sum] = "92a16e841b0bdb4bfcb1c20b6a1bd3309092203d534ed167dfdb5a5f395bf60b"
-
-S = "${WORKDIR}/optee_os-${PV}"
-
-DEBIAN_BUILD_DEPENDS += ", device-tree-compiler, python3-cryptography:native"
-
-OPTEE_PLATFORM = "stm32mp1"
-OPTEE_EXTRA_BUILDARGS = " \
-    ARCH=arm CFG_EMBED_DTB_SOURCE_FILE=stm32mp157c-ev1.dts \
-    CFG_TEE_CORE_LOG_LEVEL=2"
-OPTEE_BINARIES = "tee-header_v2.stm32 tee-pageable_v2.stm32 tee-pager_v2.stm32"
-
-# Set version manually to PV, the tarball does not contain any hint.
-# Alternative: pull from git and add git as build dependency.
-dpkg_runbuild:prepend() {
-    grep -q "^export TEE_IMPL_VERSION" ${S}/debian/rules ||
-        cat << EOF >> ${S}/debian/rules
-
-export TEE_IMPL_VERSION=${PV}
-EOF
-}

meta-isar/recipes-bsp/optee-os/optee-os-stm32mp15x_3.21.0.inc

@@ -0,0 +1,18 @@
+#
+# Copyright (c) Siemens AG, 2020-2023
+#
+# SPDX-License-Identifier: MIT
+
+SRC_URI += "https://github.com/OP-TEE/optee_os/archive/${PV}.tar.gz;downloadfilename=optee_os-${PV}.tar.gz"
+SRC_URI[sha256sum] = "92a16e841b0bdb4bfcb1c20b6a1bd3309092203d534ed167dfdb5a5f395bf60b"
+
+S = "${WORKDIR}/optee_os-${PV}"
+
+DEBIAN_BUILD_DEPENDS += ", device-tree-compiler, python3-cryptography:native"
+
+OPTEE_PLATFORM = "stm32mp1"
+OPTEE_EXTRA_BUILDARGS = " \
+    TEE_IMPL_VERSION=${PV} \
+    ARCH=arm CFG_EMBED_DTB_SOURCE_FILE=stm32mp157c-ev1.dts \
+    CFG_TEE_CORE_LOG_LEVEL=2"
+OPTEE_BINARIES = "tee-header_v2.stm32 tee-pageable_v2.stm32 tee-pager_v2.stm32"

meta-isar/recipes-bsp/optee-os/optee-os-tadevkit-stm32mp15x_3.21.0.bb

@@ -0,0 +1,7 @@
+#
+# Copyright (c) Siemens AG, 2023
+#
+# SPDX-License-Identifier: MIT
+
+require recipes-bsp/optee-os/optee-os-tadevkit-custom.inc
+require optee-os-stm32mp15x_${PV}.inc

meta/recipes-bsp/optee-os/files/debian/control.tmpl

@@ -5,6 +5,6 @@ Standards-Version: 3.9.6
 Build-Depends: ${DEBIAN_BUILD_DEPENDS}
 Maintainer: ISAR project <isar-users@googlegroups.com>
 
-Package: optee-os-${OPTEE_NAME}
+Package: ${DEBIAN_PACKAGE_NAME}
 Architecture: ${DISTRO_ARCH}
-Description: ${DESCRIPTION}, firmware binaries
+Description: ${DESCRIPTION}

meta/recipes-bsp/optee-os/optee-os-custom.inc

@@ -1,38 +1,17 @@
 # Custom OP-TEE OS build
 #
 # This software is a part of ISAR.
-# Copyright (c) Siemens AG, 2020
+# Copyright (c) Siemens AG, 2020-2023
 #
 # SPDX-License-Identifier: MIT
 
-inherit dpkg
+require optee-os.inc
 
-FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/files:"
-
-SRC_URI += "file://debian/"
-
-DESCRIPTION ?= "Custom OP-TEE OS"
-
-OPTEE_NAME ?= "${MACHINE}"
-OPTEE_PLATFORM ?= "unknown"
-OPTEE_EXTRA_BUILDARGS ?= ""
-OPTEE_BINARIES ?= "tee-pager_v2.bin"
-
-DEBIAN_BUILD_DEPENDS ?= "python3-pycryptodome:native, python3-pyelftools"
+DESCRIPTION:append = ", firmware binaries"
 
 PROVIDES += "optee-os-${OPTEE_NAME}"
 
-TEMPLATE_FILES = "debian/control.tmpl debian/rules.tmpl"
-TEMPLATE_VARS += "OPTEE_NAME DEBIAN_BUILD_DEPENDS OPTEE_PLATFORM OPTEE_EXTRA_BUILDARGS"
-
-# split strip platform flavor, if any, from the specified platform string
-OPTEE_PLATFORM_BASE = "${@d.getVar('OPTEE_PLATFORM').split('-')[0]}"
-
-do_prepare_build() {
-    cp -r ${WORKDIR}/debian ${S}/
-
-    deb_add_changelog
-
+do_prepare_build:append() {
     rm -f ${S}/debian/optee-os-${OPTEE_NAME}.install
     for binary in ${OPTEE_BINARIES}; do
         echo "out/arm-plat-${OPTEE_PLATFORM_BASE}/core/$binary /usr/lib/optee-os/${OPTEE_NAME}/" >> \

meta/recipes-bsp/optee-os/optee-os-tadevkit-custom.inc

@@ -0,0 +1,26 @@
+# Custom OP-TEE OS build for TA devkit
+#
+# This software is a part of ISAR.
+# Copyright (c) Siemens AG, 2023
+#
+# SPDX-License-Identifier: MIT
+
+require optee-os.inc
+
+DEBIAN_PACKAGE_NAME = "optee-os-tadevkit-${OPTEE_NAME}"
+DESCRIPTION:append = ", trust application development kit."
+
+PROVIDES += "${DEBIAN_PACKAGE_NAME}"
+
+do_prepare_build:append() {
+    if [ "${DISTRO_ARCH}" = "arm64" ]; then
+        TADEVKIT_DIR="export-ta_arm64"
+    elif [ "${DISTRO_ARCH}" = "armhf" ]; then
+        TADEVKIT_DIR="export-ta_arm32"
+    else
+        bbfatal "${DISTRO_ARCH} does not have a compat arch for optee TA devkit!"
+    fi
+
+    echo "out/arm-plat-${OPTEE_PLATFORM_BASE}/${TADEVKIT_DIR} /usr/lib/optee-os/${OPTEE_NAME}/" > \
+        ${S}/debian/optee-os-tadevkit-${OPTEE_NAME}.install
+}

meta/recipes-bsp/optee-os/optee-os.inc

@@ -0,0 +1,35 @@
+# Custom OP-TEE OS build
+#
+# This software is a part of ISAR.
+# Copyright (c) Siemens AG, 2020-2023
+#
+# SPDX-License-Identifier: MIT
+
+inherit dpkg
+
+FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/files:"
+
+SRC_URI += "file://debian/"
+
+DESCRIPTION ?= "Custom OP-TEE OS"
+
+OPTEE_NAME ?= "${MACHINE}"
+OPTEE_PLATFORM ?= "unknown"
+OPTEE_EXTRA_BUILDARGS ?= ""
+OPTEE_BINARIES ?= "tee-pager_v2.bin"
+
+DEBIAN_PACKAGE_NAME ?= "optee-os-${OPTEE_NAME}"
+
+DEBIAN_BUILD_DEPENDS ?= "python3-pycryptodome:native, python3-pyelftools"
+
+TEMPLATE_FILES = "debian/control.tmpl debian/rules.tmpl"
+TEMPLATE_VARS += "DEBIAN_PACKAGE_NAME OPTEE_NAME DEBIAN_BUILD_DEPENDS OPTEE_PLATFORM OPTEE_EXTRA_BUILDARGS"
+
+# split strip platform flavor, if any, from the specified platform string
+OPTEE_PLATFORM_BASE = "${@d.getVar('OPTEE_PLATFORM').split('-')[0]}"
+
+do_prepare_build() {
+    cp -r ${WORKDIR}/debian ${S}/
+
+    deb_add_changelog
+}