From c37400e593b84b0e2d369c57a73b3fff96dcda27 Mon Sep 17 00:00:00 2001
From: Santeri Salko <santeri.salko@huawei.com>
Date: Tue, 13 Apr 2021 22:53:36 +0300
Subject: [PATCH] optee-client: Add daemon and library for OP-TEE

Linux daemon (tee-supplicant) and library (libteec) for
using trusted applications (TA's) of OP-TEE secure OS.

This code comes from linaro repository:
https://git.linaro.org/openembedded/meta-linaro.git/tree/meta-optee

Signed-off-by: Santeri Salko <santeri.salko@huawei.com>
---
 .../conf/distro/allscenarios-linux.conf       |  2 ++
 .../recipes-security/optee/optee-client.bb    | 34 +++++++++++++++++++
 .../optee/optee-client/tee-supplicant.service | 10 ++++++
 3 files changed, 46 insertions(+)
 create mode 100644 meta-ohos-staging/recipes-security/optee/optee-client.bb
 create mode 100644 meta-ohos-staging/recipes-security/optee/optee-client/tee-supplicant.service

diff --git a/meta-ohos-core/conf/distro/allscenarios-linux.conf b/meta-ohos-core/conf/distro/allscenarios-linux.conf
index acd19350..27987101 100644
--- a/meta-ohos-core/conf/distro/allscenarios-linux.conf
+++ b/meta-ohos-core/conf/distro/allscenarios-linux.conf
@@ -17,6 +17,8 @@ INIT_MANAGER = "systemd"
 # Remove some of the default Poky DISTRO_FEATURES we inherited, but do not use.
 DISTRO_FEATURES_remove = "nfc 3g pcmcia"
 
+IMAGE_INSTALL_append = " ${@bb.utils.contains('BOOTSCHEME_LABELS', 'optee', 'optee-client', '', d)} "
+
 PREFERRED_VERSION_linux-yocto = "5.10%"
 
 # Default to enabling serial debug console on RaspberryPi
diff --git a/meta-ohos-staging/recipes-security/optee/optee-client.bb b/meta-ohos-staging/recipes-security/optee/optee-client.bb
new file mode 100644
index 00000000..2bbb282a
--- /dev/null
+++ b/meta-ohos-staging/recipes-security/optee/optee-client.bb
@@ -0,0 +1,34 @@
+SUMMARY = "OPTEE Client"
+HOMEPAGE = "https://github.com/OP-TEE/optee_client"
+
+LICENSE = "BSD-2"
+LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=69663ab153298557a59c67a60a743e5b"
+
+PV = "3.7.0+git${SRCPV}"
+
+inherit python3native systemd
+
+SRC_URI = "git://github.com/OP-TEE/optee_client.git \
+           file://tee-supplicant.service"
+S = "${WORKDIR}/git"
+
+SRCREV = "bc0ec8ce1e4dc5ae23f4737ef659338b7cd408fe"
+
+SYSTEMD_SERVICE_${PN} = "tee-supplicant.service"
+
+do_install() {
+    oe_runmake install
+
+    install -D -p -m0755 ${S}/out/export/usr/sbin/tee-supplicant ${D}${sbindir}/tee-supplicant
+
+    install -D -p -m0644 ${S}/out/export/usr/lib/libteec.so.1.0 ${D}${libdir}/libteec.so.1.0
+    ln -sf libteec.so.1.0 ${D}${libdir}/libteec.so
+    ln -sf libteec.so.1.0 ${D}${libdir}/libteec.so.1
+
+    cp -a ${S}/out/export/usr/include ${D}/usr/
+
+    sed -i -e s:/etc:${sysconfdir}:g \
+              ${WORKDIR}/tee-supplicant.service
+
+    install -D -p -m0644 ${WORKDIR}/tee-supplicant.service ${D}${systemd_system_unitdir}/tee-supplicant.service
+}
diff --git a/meta-ohos-staging/recipes-security/optee/optee-client/tee-supplicant.service b/meta-ohos-staging/recipes-security/optee/optee-client/tee-supplicant.service
new file mode 100644
index 00000000..ffb54d39
--- /dev/null
+++ b/meta-ohos-staging/recipes-security/optee/optee-client/tee-supplicant.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=TEE Supplicant
+
+[Service]
+User=root
+EnvironmentFile=-/etc/default/tee-supplicant
+ExecStart=/usr/sbin/tee-supplicant $OPTARGS
+
+[Install]
+WantedBy=basic.target
-- 
GitLab