Arm Trusted Firmware uses a list of mbedtls source files/headers to build
a static library used for crypto functionality:
https://github.com/ARM-software/arm-trusted-firmware/blob/master/drivers/auth/mbedtls/mbedtls_common.mk#L10

At the moment, any ATF version that wants to build with yocto and enable
for example secure boot, needs to download and patch a version of mbedtls
separately, e.g. :
https://git.yoctoproject.org/meta-arm/tree/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.7.0.bb#n10

This commit enables a simple way for ATF recipes to use the existing oe
version of mbedtls by adding it as a dependency, and simply extending the
build flags with:
EXTRA_OEMAKE += 'MBEDTLS_DIR="${STAGING_DATADIR}/mbedtls-source"'

Signed-off-by: Beniamin Sandu <beniaminsandu@...>
---
.../recipes-connectivity/mbedtls/mbedtls_2.28.2.bb | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb
index 3c52fe13b..f5f1236f1 100644
--- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb
+++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb
@@ -55,3 +55,9 @@ CVE_PRODUCT = "mbed_tls"
CVE_CHECK_IGNORE += "CVE-2021-43666"
# Fix merged upstream https://github.com/Mbed-TLS/mbedtls/commit/9a4a9c66a48edfe9ece03c7e4a53310adf73a86c
CVE_CHECK_IGNORE += "CVE-2021-45451"
+
+# Export source files/headers needed by Arm Trusted Firmware
+sysroot_stage_all:append() {
+ sysroot_stage_dir "${S}/library" "${SYSROOT_DESTDIR}/usr/share/mbedtls-source/library"
+ sysroot_stage_dir "${S}/include" "${SYSROOT_DESTDIR}/usr/share/mbedtls-source/include"
+}
--
2.25.1