Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Openssl availability in 'Normal World' #14

Open
schnorea opened this issue Nov 23, 2023 · 1 comment
Open

Openssl availability in 'Normal World' #14

schnorea opened this issue Nov 23, 2023 · 1 comment

Comments

@schnorea
Copy link

In a previous issue I asked about adding openssl to the 'Normal World' environment and was pointed to the common.mk file in the build directory. From my investigations of common.mk it looks as if openssl should be part of the build.

BR2_PER_PACKAGE_DIRECTORIES ?= y
BR2_PACKAGE_LIBOPENSSL ?= y
BR2_PACKAGE_MMC_UTILS ?= y
BR2_PACKAGE_OPENSSL ?= y
BR2_PACKAGE_OPTEE_BENCHMARK_EXT ?= $(CFG_TEE_BENCHMARK)
BR2_PACKAGE_OPTEE_BENCHMARK_EXT_SITE ?= $(BENCHMARK_APP_PATH)
BR2_PACKAGE_OPTEE_CLIENT_EXT_SITE ?= $(OPTEE_CLIENT_PATH)
BR2_PACKAGE_OPTEE_EXAMPLES_EXT ?= y
BR2_PACKAGE_OPTEE_EXAMPLES_EXT_CROSS_COMPILE ?= $(CROSS_COMPILE_S_USER)
BR2_PACKAGE_OPTEE_EXAMPLES_EXT_SDK ?= $(OPTEE_OS_TA_DEV_KIT_DIR)
BR2_PACKAGE_OPTEE_EXAMPLES_EXT_SITE ?= $(OPTEE_EXAMPLES_PATH)

In examining the 'Normal World' this is what i find

# find | grep -i openssl
./etc/ssl/openssl.cnf
./etc/ssl/openssl.cnf.dist

Other elements from the config show up as would be expected but not openssl.

In looking through the build of the rootfs.cpio.gz
It looks like that config makes its way to the out-br/defconfig file via the python script
here.

.PHONY: buildroot
buildroot: optee-os optee-rust
	@mkdir -p ../out-br
	@rm -f ../out-br/build/optee_*/.stamp_*
	@rm -f ../out-br/extra.conf
	@$(call append-br2-vars,../out-br/extra.conf)
	@(cd .. && $(PYTHON3) build/br-ext/scripts/make_def_config.py \
		--br buildroot --out out-br --br-ext build/br-ext \
		--top-dir "$(ROOT)" \
		--br-defconfig build/br-ext/configs/optee_$(BUILDROOT_ARCH) \
		--br-defconfig build/br-ext/configs/optee_generic \
		--br-defconfig build/br-ext/configs/$(BUILDROOT_TOOLCHAIN) \
		$(DEFCONFIG_GDBSERVER) \
		$(DEFCONFIG_XEN) \
		$(DEFCONFIG_TSS) \
		$(DEFCONFIG_TPM_MODULE) \
		$(DEFCONFIG_FTPM) \
		--br-defconfig out-br/extra.conf \
		--make-cmd $(MAKE))
	@$(MAKE) $(br-make-flags) -C ../out-br all

After this i lose my way in the make started by the python script and on that follows below it.

My ultimate goal is to have optee as the keystore for openssl via pkcs11 to workout how this might be used for code signing, etc.

Is there something simple i am missing?
@jbech-linaro
Copy link
Owner

Hi, please ask the question here (build) or here (optee_os), since this is about code in those projects. My docker files, is solely about setting up the official environment in a Docker environment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jbech-linaro @schnorea