diff options
Diffstat (limited to 'bsp/meta-freescale/recipes-security/optee-imx')
12 files changed, 1152 insertions, 0 deletions
diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-client/0001-flags-do-not-override-CFLAGS-from-host.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-client/0001-flags-do-not-override-CFLAGS-from-host.patch new file mode 100644 index 00000000..86c360f2 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-client/0001-flags-do-not-override-CFLAGS-from-host.patch @@ -0,0 +1,54 @@ +From 6a600c5637c5446ab3d11eb4304a1dd473ec503e Mon Sep 17 00:00:00 2001 +From: Andrey Zhizhikin <andrey.z@gmail.com> +Date: Thu, 4 Jun 2020 19:24:05 +0000 +Subject: [PATCH] flags: do not override CFLAGS from host + +Some build systems set CFLAGS in environment before the build, but they +got overridden by CFLAGS immediate assignment operator. + +Replace immediate assignment with append directive and use override +directive, so the former definition of CFLAGS gets passed either from +command line or via environment is completely expanded (see [1] for +detailed explanation of override directive and variable append). + +Link: [1] https://www.gnu.org/software/make/manual/html_node/Override-Directive.html + +Upstream-Status: Backport [https://github.com/OP-TEE/optee_client/pull/211] + +Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com> +Reviewed-by: Jerome Forissier <jerome@forissier.org> +Reviewed-by: Joakim Bech <joakim.bech@linaro.org> +--- + flags.mk | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/flags.mk b/flags.mk +index 71f3d18..faabef9 100644 +--- a/flags.mk ++++ b/flags.mk +@@ -6,7 +6,7 @@ CROSS_COMPILE ?= arm-linux-gnueabihf- + CC ?= $(CROSS_COMPILE)gcc + AR ?= $(CROSS_COMPILE)ar + +-CFLAGS := -Wall -Wbad-function-cast -Wcast-align \ ++override CFLAGS += -Wall -Wbad-function-cast -Wcast-align \ + -Werror-implicit-function-declaration -Wextra \ + -Wfloat-equal -Wformat-nonliteral -Wformat-security \ + -Wformat=2 -Winit-self -Wmissing-declarations \ +@@ -15,11 +15,11 @@ CFLAGS := -Wall -Wbad-function-cast -Wcast-align \ + -Wpointer-arith -Wshadow -Wstrict-prototypes \ + -Wswitch-default -Wunsafe-loop-optimizations \ + -Wwrite-strings -Werror +-CFLAGS += -c -fPIC ++override CFLAGS += -c -fPIC + + DEBUG ?= 0 + ifeq ($(DEBUG), 1) +-CFLAGS += -DDEBUG -O0 -g ++override CFLAGS += -DDEBUG -O0 -g + endif + + RM := rm -f +-- +2.17.1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-client/tee-supplicant.service b/bsp/meta-freescale/recipes-security/optee-imx/optee-client/tee-supplicant.service new file mode 100644 index 00000000..0e2b4f6b --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-client/tee-supplicant.service @@ -0,0 +1,11 @@ +[Unit] +Description=TEE Supplicant + +[Service] +User=root +EnvironmentFile=-/etc/default/tee-supplicant +ExecStart=/usr/bin/tee-supplicant $OPTARGS + +[Install] +WantedBy=basic.target + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-client_3.2.0.imx.bb b/bsp/meta-freescale/recipes-security/optee-imx/optee-client_3.2.0.imx.bb new file mode 100644 index 00000000..19770849 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-client_3.2.0.imx.bb @@ -0,0 +1,52 @@ +# Copyright (C) 2017-2018 NXP + +SUMMARY = "OPTEE Client libs" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b" + +inherit python3native systemd + +SRCBRANCH = "lf-5.4.y" +OPTEE_CLIENT_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-client.git;protocol=https" +SRC_URI = "${OPTEE_CLIENT_SRC};branch=${SRCBRANCH}" + +SRCREV = "71a9bef78fff2d5d4db8a2307d3b91e2aa671dc9" + +SRC_URI += "file://tee-supplicant.service \ + file://0001-flags-do-not-override-CFLAGS-from-host.patch \ +" + +S = "${WORKDIR}/git" +SYSTEMD_SERVICE_${PN} = "tee-supplicant.service" + +OPTEE_ARCH ?= "arm32" +OPTEE_ARCH_armv7a = "arm32" +OPTEE_ARCH_aarch64 = "arm64" + +EXTRA_OEMAKE = "ARCH=${OPTEE_ARCH}" + +do_install () { + oe_runmake install + + install -D -p -m0644 ${S}/out/export/lib/libteec.so.1.0 ${D}${libdir}/libteec.so.1.0 + ln -sf libteec.so.1.0 ${D}${libdir}/libteec.so + ln -sf libteec.so.1.0 ${D}${libdir}/libteec.so.1 + + install -D -p -m0755 ${S}/out/export/bin/tee-supplicant ${D}${bindir}/tee-supplicant + + cp -a ${S}/out/export/include ${D}/usr/ + + sed -i -e s:/etc:${sysconfdir}:g -e s:/usr/bin:${bindir}:g ${WORKDIR}/tee-supplicant.service + install -D -p -m0644 ${WORKDIR}/tee-supplicant.service ${D}${systemd_system_unitdir}/tee-supplicant.service +} + +PACKAGES += "tee-supplicant" +FILES_${PN} += "${libdir}/* ${includedir}/*" +FILES_tee-supplicant += "${bindir}/tee-supplicant" + +INSANE_SKIP_${PN} = "ldflags dev-elf" +INSANE_SKIP_${PN}-dev = "ldflags dev-elf" +INSANE_SKIP_tee-supplicant = "ldflags" + +COMPATIBLE_MACHINE = "(mx6|mx7|mx8)" diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-optee-os-fix-gcc10-compilation-issue-and-missing-cc-.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-optee-os-fix-gcc10-compilation-issue-and-missing-cc-.patch new file mode 100644 index 00000000..509c7fb6 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-optee-os-fix-gcc10-compilation-issue-and-missing-cc-.patch @@ -0,0 +1,158 @@ +From 027a3b9a33fbb23e1d1d7ed6411d4d112d2a55a1 Mon Sep 17 00:00:00 2001 +From: Andrey Zhizhikin <andrey.z@gmail.com> +Date: Sat, 30 May 2020 22:00:59 +0000 +Subject: [PATCH] optee-os: fix gcc10 compilation issue and missing cc-options + +Backport PR 3891 from upstream to imx fork, which addressed compilation +failure when GCC10 is used. + +Additional changes ported fixed cc-options macro, which allows to query +compiler used if the desired option exists before it could be set. This +solves also the build issues when GCC9 is used to build this component. + +Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/3891] + +Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com> +--- + core/arch/arm/arm.mk | 21 ++++++++++++++++----- + core/core.mk | 5 +---- + mk/cc-option.mk | 9 +++++++++ + mk/gcc.mk | 2 +- + ta/mk/ta_dev_kit.mk | 3 +++ + ta/ta.mk | 1 + + 6 files changed, 31 insertions(+), 10 deletions(-) + create mode 100644 mk/cc-option.mk + +diff --git a/core/arch/arm/arm.mk b/core/arch/arm/arm.mk +index aa101be8..4123d85d 100644 +--- a/core/arch/arm/arm.mk ++++ b/core/arch/arm/arm.mk +@@ -1,3 +1,16 @@ ++# Setup compiler for the core module ++ifeq ($(CFG_ARM64_core),y) ++arch-bits-core := 64 ++else ++arch-bits-core := 32 ++endif ++CROSS_COMPILE_core := $(CROSS_COMPILE$(arch-bits-core)) ++COMPILER_core := $(COMPILER) ++include mk/$(COMPILER_core).mk ++ ++# Defines the cc-option macro using the compiler set for the core module ++include mk/cc-option.mk ++ + CFG_LTC_OPTEE_THREAD ?= y + # Size of emulated TrustZone protected SRAM, 448 kB. + # Only applicable when paging is enabled. +@@ -88,7 +101,7 @@ arm32-platform-aflags-no-hard-float ?= + + arm64-platform-cflags-no-hard-float ?= -mgeneral-regs-only + arm64-platform-cflags-hard-float ?= +-arm64-platform-cflags-generic ?= -mstrict-align ++arm64-platform-cflags-generic := -mstrict-align $(call cc-option,-mno-outline-atomics,) + + ifeq ($(DEBUG),1) + # For backwards compatibility +@@ -117,14 +130,12 @@ core-platform-aflags += $(platform-aflags-generic) + core-platform-aflags += $(platform-aflags-debug-info) + + ifeq ($(CFG_ARM64_core),y) +-arch-bits-core := 64 + core-platform-cppflags += $(arm64-platform-cppflags) + core-platform-cflags += $(arm64-platform-cflags) + core-platform-cflags += $(arm64-platform-cflags-generic) + core-platform-cflags += $(arm64-platform-cflags-no-hard-float) + core-platform-aflags += $(arm64-platform-aflags) + else +-arch-bits-core := 32 + core-platform-cppflags += $(arm32-platform-cppflags) + core-platform-cflags += $(arm32-platform-cflags) + core-platform-cflags += $(arm32-platform-cflags-no-hard-float) +@@ -196,5 +207,5 @@ ta-mk-file-export-add-ta_arm64 += CROSS_COMPILE64 ?= $$(CROSS_COMPILE)_nl_ + ta-mk-file-export-add-ta_arm64 += CROSS_COMPILE_ta_arm64 ?= $$(CROSS_COMPILE64)_nl_ + endif + +-# Set cross compiler prefix for each submodule +-$(foreach sm, core $(ta-targets), $(eval CROSS_COMPILE_$(sm) ?= $(CROSS_COMPILE$(arch-bits-$(sm))))) ++# Set cross compiler prefix for each TA target ++$(foreach sm, $(ta-targets), $(eval CROSS_COMPILE_$(sm) ?= $(CROSS_COMPILE$(arch-bits-$(sm))))) +diff --git a/core/core.mk b/core/core.mk +index c05815f3..68f45552 100644 +--- a/core/core.mk ++++ b/core/core.mk +@@ -8,6 +8,7 @@ arch-dir := core/arch/$(ARCH) + platform-dir := $(arch-dir)/plat-$(PLATFORM) + include $(platform-dir)/conf.mk + include mk/config.mk ++# $(ARCH).mk also sets the compiler for the core module + include core/arch/$(ARCH)/$(ARCH).mk + + PLATFORM_$(PLATFORM) := y +@@ -16,10 +17,6 @@ PLATFORM_FLAVOR_$(PLATFORM_FLAVOR) := y + $(call cfg-depends-all,CFG_PAGED_USER_TA,CFG_WITH_PAGER CFG_WITH_USER_TA) + include core/crypto.mk + +-# Setup compiler for this sub module +-COMPILER_$(sm) ?= $(COMPILER) +-include mk/$(COMPILER_$(sm)).mk +- + cppflags$(sm) += -D__KERNEL__ + + cppflags$(sm) += -Icore/include +diff --git a/mk/cc-option.mk b/mk/cc-option.mk +new file mode 100644 +index 00000000..4699fbcc +--- /dev/null ++++ b/mk/cc-option.mk +@@ -0,0 +1,9 @@ ++_cc-option-supported = $(if $(shell $(CC$(sm)) $(1) -c -x c /dev/null -o /dev/null 2>/dev/null >/dev/null || echo "Not supported"),,1) ++_cc-opt-cached-var-name = $(subst =,~,$(strip cached-cc-option-$(1)-$(subst $(empty) $(empty),,$(CC$(sm))))) ++define _cc-option ++$(eval _var_name := $(call _cc-opt-cached-var-name,$(1))) ++$(eval $(_var_name) := $(if $(filter $(origin $(_var_name)),undefined),$(call _cc-option-supported,$(1)),$($(_var_name)))) ++$(if $($(_var_name)),$(1),$(2)) ++endef ++cc-option = $(strip $(call _cc-option,$(1),$(2))) ++ +diff --git a/mk/gcc.mk b/mk/gcc.mk +index 1f2c5990..c53a23b1 100644 +--- a/mk/gcc.mk ++++ b/mk/gcc.mk +@@ -12,7 +12,7 @@ nostdinc$(sm) := -nostdinc -isystem $(shell $(CC$(sm)) \ + -print-file-name=include 2> /dev/null) + + # Get location of libgcc from gcc +-libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) $(comp-cflags$(sm)) \ ++libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \ + -print-libgcc-file-name 2> /dev/null) + + # Define these to something to discover accidental use +diff --git a/ta/mk/ta_dev_kit.mk b/ta/mk/ta_dev_kit.mk +index fa0bddfe..ae70ef87 100644 +--- a/ta/mk/ta_dev_kit.mk ++++ b/ta/mk/ta_dev_kit.mk +@@ -78,6 +78,9 @@ clean: + @$(cmd-echo-silent) ' CLEAN $(O)' + ${q}if [ -d "$(O)" ]; then $(RMDIR) $(O); fi + ++include $(ta-dev-kit-dir$(sm))/mk/$(COMPILER_$(sm)).mk ++include $(ta-dev-kit-dir$(sm))/mk/cc-option.mk ++ + subdirs = . + include $(ta-dev-kit-dir)/mk/subdir.mk + +diff --git a/ta/ta.mk b/ta/ta.mk +index 32353de3..9c64319d 100644 +--- a/ta/ta.mk ++++ b/ta/ta.mk +@@ -98,6 +98,7 @@ $(foreach f, $(libfiles), \ + + # Copy .mk files + ta-mkfiles = mk/compile.mk mk/subdir.mk mk/gcc.mk mk/cleandirs.mk \ ++ mk/cc-option.mk \ + ta/arch/$(ARCH)/link.mk ta/arch/$(ARCH)/link_shlib.mk \ + ta/mk/ta_dev_kit.mk + +-- +2.17.1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-scripts-update-scripts-to-use-python3.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-scripts-update-scripts-to-use-python3.patch new file mode 100644 index 00000000..9621cf6c --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-scripts-update-scripts-to-use-python3.patch @@ -0,0 +1,427 @@ +From 0d4941123b5a88351f5954f6de00892f85ed5abc Mon Sep 17 00:00:00 2001 +From: Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com> +Date: Mon, 20 Jan 2020 22:32:13 +0000 +Subject: [PATCH] scripts: update scripts to use python3 + +Python2 is deprecated effective Jan. 2020, and is not available in +several distributions. + +Update scripts here to re-target then onto python version 3. + +Upstream-Status: Pending + +Signed-off-by: Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com> +--- + scripts/gen_hashed_bin.py | 282 ++++++++++++++++++++------------------ + scripts/gen_ld_sects.py | 8 +- + scripts/pem_to_pub_c.py | 2 +- + scripts/sign.py | 2 +- + scripts/symbolize.py | 2 +- + scripts/ta_bin_to_c.py | 2 +- + scripts/tee_bin_parser.py | 2 +- + 7 files changed, 157 insertions(+), 143 deletions(-) + +diff --git a/scripts/gen_hashed_bin.py b/scripts/gen_hashed_bin.py +index 32350a47..a76a62cc 100755 +--- a/scripts/gen_hashed_bin.py ++++ b/scripts/gen_hashed_bin.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2014-2017, Linaro Limited +@@ -14,163 +14,177 @@ import hashlib + arch_id = {'arm32': 0, 'arm64': 1} + image_id = {'pager': 0, 'paged': 1} + ++ + def write_header_v1(outf, init_size, args, paged_size): +- magic = 0x4554504f # 'OPTE' +- version = 1; +- outf.write(struct.pack('<IBBHIIIII', \ +- magic, version, arch_id[args.arch], args.flags, init_size, \ +- args.init_load_addr_hi, args.init_load_addr_lo, \ +- args.init_mem_usage, paged_size)) ++ magic = 0x4554504f # 'OPTE' ++ version = 1 ++ outf.write(struct.pack('<IBBHIIIII', ++ magic, ++ version, ++ arch_id[args.arch], ++ args.flags, ++ init_size, ++ args.init_load_addr_hi, ++ args.init_load_addr_lo, ++ args.init_mem_usage, ++ paged_size)) ++ + + def write_header_v2(outf, init_size, args, paged_size): +- magic = 0x4554504f # 'OPTE' +- version = 2 +- nb_images = 1 if paged_size == 0 else 2 +- outf.write(struct.pack('<IBBHI', \ +- magic, version, arch_id[args.arch], args.flags, nb_images)) +- outf.write(struct.pack('<IIII', \ +- args.init_load_addr_hi, args.init_load_addr_lo, \ +- image_id['pager'], init_size)) +- if nb_images == 2: +- outf.write(struct.pack('<IIII', \ +- 0xffffffff, 0xffffffff, image_id['paged'], paged_size)) ++ magic = 0x4554504f # 'OPTE' ++ version = 2 ++ nb_images = 1 if paged_size == 0 else 2 ++ outf.write(struct.pack('<IBBHI', magic, version, ++ arch_id[args.arch], args.flags, nb_images)) ++ outf.write(struct.pack('<IIII', ++ args.init_load_addr_hi, args.init_load_addr_lo, ++ image_id['pager'], init_size)) ++ if nb_images == 2: ++ outf.write( ++ struct.pack( ++ '<IIII', ++ 0xffffffff, ++ 0xffffffff, ++ image_id['paged'], ++ paged_size)) ++ + + def append_to(outf, start_offs, in_fname, max_bytes=0xffffffff): +- #print "Appending %s@0x%x 0x%x bytes at position 0x%x" % \ +- #( in_fname, start_offs, max_bytes, int(outf.tell()) ) +- inf = open(in_fname, 'rb'); +- inf.seek(start_offs) +- while True : +- nbytes = min(16 * 1024, max_bytes) +- if nbytes == 0 : +- break +- #print "Reading %s %d bytes" % (in_fname, nbytes) +- buf = inf.read(nbytes) +- if not buf : +- break +- outf.write(buf) +- max_bytes -= len(buf) +- inf.close() ++ inf = open(in_fname, 'rb') ++ inf.seek(start_offs) ++ while True: ++ nbytes = min(16 * 1024, max_bytes) ++ if nbytes == 0: ++ break ++ buf = inf.read(nbytes) ++ if not buf: ++ break ++ outf.write(buf) ++ max_bytes -= len(buf) ++ inf.close() ++ + + def append_hashes(outf, in_fname): +- page_size = 4 * 1024 +- +- inf = open(in_fname, 'r') +- while True : +- page = inf.read(page_size) +- if len(page) == page_size : +- #print "Writing hash at position 0x%x" % \ +- #int(outf.tell()) +- outf.write(hashlib.sha256(page).digest()) +- elif len(page) == 0 : +- break +- else : +- print("Error: short read, got " + repr(len(page))) +- sys.exit(1) +- +- inf.close() ++ page_size = 4 * 1024 ++ ++ inf = open(in_fname, 'rb') ++ while True: ++ page = inf.read(page_size) ++ if len(page) == page_size: ++ outf.write(hashlib.sha256(page).digest()) ++ elif len(page) == 0: ++ break ++ else: ++ print("Error: short read, got {}".format(len(page))) ++ sys.exit(1) ++ ++ inf.close() ++ + + def int_parse(str): +- return int(str, 0) ++ return int(str, 0) ++ + + def get_args(): +- parser = argparse.ArgumentParser() +- parser.add_argument('--arch', required=True, \ +- choices=arch_id.keys(), \ +- help='Architecture') ++ parser = argparse.ArgumentParser() ++ parser.add_argument('--arch', required=True, ++ choices=list(arch_id.keys()), ++ help='Architecture') + +- parser.add_argument('--flags', \ +- type=int, default=0, \ +- help='Flags, currently none defined') ++ parser.add_argument('--flags', ++ type=int, default=0, ++ help='Flags, currently none defined') + +- parser.add_argument('--init_size', \ +- required=True, type=int_parse, \ +- help='Size of initialization part of binary') ++ parser.add_argument('--init_size', ++ required=True, type=int_parse, ++ help='Size of initialization part of binary') + +- parser.add_argument('--init_load_addr_hi', \ +- type=int_parse, default=0, \ +- help='Upper 32 bits of load address of binary') ++ parser.add_argument('--init_load_addr_hi', ++ type=int_parse, default=0, ++ help='Upper 32 bits of load address of binary') + +- parser.add_argument('--init_load_addr_lo', \ +- required=True, type=int_parse, \ +- help='Lower 32 bits of load address of binary') ++ parser.add_argument('--init_load_addr_lo', ++ required=True, type=int_parse, ++ help='Lower 32 bits of load address of binary') + +- parser.add_argument('--init_mem_usage', \ +- required=True, type=int_parse, \ +- help='Total amount of used memory when initializing'); ++ parser.add_argument('--init_mem_usage', ++ required=True, type=int_parse, ++ help='Total amount of used memory when initializing') + +- parser.add_argument('--tee_pager_bin', \ +- required=True, \ +- help='The input tee_pager.bin') ++ parser.add_argument('--tee_pager_bin', ++ required=True, ++ help='The input tee_pager.bin') + +- parser.add_argument('--tee_pageable_bin', \ +- required=True, \ +- help='The input tee_pageable.bin') ++ parser.add_argument('--tee_pageable_bin', ++ required=True, ++ help='The input tee_pageable.bin') + +- parser.add_argument('--out', \ +- required=False, type=argparse.FileType('wb'), \ +- help='The output tee.bin') ++ parser.add_argument('--out', ++ required=False, type=argparse.FileType('wb'), ++ help='The output tee.bin') + +- parser.add_argument('--out_header_v2', \ +- required=False, type=argparse.FileType('wb'), \ +- help='The output tee_header_v2.bin') ++ parser.add_argument('--out_header_v2', ++ required=False, type=argparse.FileType('wb'), ++ help='The output tee_header_v2.bin') + +- parser.add_argument('--out_pager_v2', \ +- required=False, type=argparse.FileType('wb'), \ +- help='The output tee_pager_v2.bin') ++ parser.add_argument('--out_pager_v2', ++ required=False, type=argparse.FileType('wb'), ++ help='The output tee_pager_v2.bin') + +- parser.add_argument('--out_pageable_v2', \ +- required=False, type=argparse.FileType('wb'), \ +- help='The output tee_pageable_v2.bin') ++ parser.add_argument('--out_pageable_v2', ++ required=False, type=argparse.FileType('wb'), ++ help='The output tee_pageable_v2.bin') ++ ++ return parser.parse_args() + +- return parser.parse_args(); + + def main(): +- args = get_args() +- init_bin_size = args.init_size +- tee_pager_fname = args.tee_pager_bin +- tee_pageable_fname = args.tee_pageable_bin +- pager_input_size = os.path.getsize(tee_pager_fname); +- paged_input_size = os.path.getsize(tee_pageable_fname); +- hash_size = paged_input_size / (4 * 1024) * \ +- hashlib.sha256().digest_size +- +- if paged_input_size % (4 * 1024) != 0: +- print("Error: pageable size not a multiple of 4K:" + \ +- repr(paged_input_size)) +- sys.exit(1) +- +- init_size = pager_input_size + \ +- min(init_bin_size, paged_input_size) + \ +- hash_size +- paged_size = paged_input_size - \ +- min(init_bin_size, paged_input_size) +- +- if args.out is not None: +- outf = args.out +- write_header_v1(outf, init_size, args, paged_size) +- append_to(outf, 0, tee_pager_fname) +- append_to(outf, 0, tee_pageable_fname, init_bin_size) +- append_hashes(outf, tee_pageable_fname) +- append_to(outf, init_bin_size, tee_pageable_fname) +- outf.close() +- +- if args.out_header_v2 is not None: +- outf = args.out_header_v2 +- write_header_v2(outf, init_size, args, paged_size) +- outf.close() +- +- if args.out_pager_v2 is not None: +- outf = args.out_pager_v2 +- append_to(outf, 0, tee_pager_fname) +- append_to(outf, 0, tee_pageable_fname, init_bin_size) +- append_hashes(outf, tee_pageable_fname) +- outf.close() +- +- if args.out_pageable_v2 is not None: +- outf = args.out_pageable_v2 +- append_to(outf, init_bin_size, tee_pageable_fname) +- outf.close() ++ args = get_args() ++ init_bin_size = args.init_size ++ tee_pager_fname = args.tee_pager_bin ++ tee_pageable_fname = args.tee_pageable_bin ++ pager_input_size = os.path.getsize(tee_pager_fname) ++ paged_input_size = os.path.getsize(tee_pageable_fname) ++ hash_size = paged_input_size // (4 * 1024) * \ ++ hashlib.sha256().digest_size ++ ++ if paged_input_size % (4 * 1024) != 0: ++ print("Error: pageable size not a multiple of 4K: {}".format( ++ paged_input_size)) ++ sys.exit(1) ++ ++ init_size = pager_input_size + \ ++ min(init_bin_size, paged_input_size) + \ ++ hash_size ++ paged_size = paged_input_size - \ ++ min(init_bin_size, paged_input_size) ++ ++ if args.out is not None: ++ outf = args.out ++ write_header_v1(outf, init_size, args, paged_size) ++ append_to(outf, 0, tee_pager_fname) ++ append_to(outf, 0, tee_pageable_fname, init_bin_size) ++ append_hashes(outf, tee_pageable_fname) ++ append_to(outf, init_bin_size, tee_pageable_fname) ++ outf.close() ++ ++ if args.out_header_v2 is not None: ++ outf = args.out_header_v2 ++ write_header_v2(outf, init_size, args, paged_size) ++ outf.close() ++ ++ if args.out_pager_v2 is not None: ++ outf = args.out_pager_v2 ++ append_to(outf, 0, tee_pager_fname) ++ append_to(outf, 0, tee_pageable_fname, init_bin_size) ++ append_hashes(outf, tee_pageable_fname) ++ outf.close() ++ ++ if args.out_pageable_v2 is not None: ++ outf = args.out_pageable_v2 ++ append_to(outf, init_bin_size, tee_pageable_fname) ++ outf.close() ++ + + if __name__ == "__main__": +- main() ++ main() +diff --git a/scripts/gen_ld_sects.py b/scripts/gen_ld_sects.py +index c5dc3a7b..2bdbb192 100755 +--- a/scripts/gen_ld_sects.py ++++ b/scripts/gen_ld_sects.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +@@ -8,8 +8,8 @@ import sys + import re + + def usage(): +- print "Usage: {0} <section reg exp match> [<skip section>...]".format( \ +- sys.argv[0]) ++ print("Usage: {0} <section reg exp match> [<skip section>...]".format( \ ++ sys.argv[0])) + sys.exit (1) + + def main(): +@@ -55,7 +55,7 @@ def main(): + if sect_name in skip_sections : + continue + +- print '\t*({0})'.format(sect_name) ++ print ('\t*({0})'.format(sect_name)) + + if __name__ == "__main__": + main() +diff --git a/scripts/pem_to_pub_c.py b/scripts/pem_to_pub_c.py +index 6b8fa365..0b03d62e 100755 +--- a/scripts/pem_to_pub_c.py ++++ b/scripts/pem_to_pub_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2015, Linaro Limited +diff --git a/scripts/sign.py b/scripts/sign.py +index ad47479b..348b40a2 100755 +--- a/scripts/sign.py ++++ b/scripts/sign.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # + # Copyright (c) 2015, 2017, Linaro Limited + # +diff --git a/scripts/symbolize.py b/scripts/symbolize.py +index 1eecf758..0e9bd3ed 100755 +--- a/scripts/symbolize.py ++++ b/scripts/symbolize.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +diff --git a/scripts/ta_bin_to_c.py b/scripts/ta_bin_to_c.py +index cabddbbd..f325fda0 100755 +--- a/scripts/ta_bin_to_c.py ++++ b/scripts/ta_bin_to_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +diff --git a/scripts/tee_bin_parser.py b/scripts/tee_bin_parser.py +index 5f7dd3f0..07da5791 100755 +--- a/scripts/tee_bin_parser.py ++++ b/scripts/tee_bin_parser.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2016, Linaro Limited +-- +2.17.1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-os_3.2.0.imx.bb b/bsp/meta-freescale/recipes-security/optee-imx/optee-os_3.2.0.imx.bb new file mode 100644 index 00000000..d2c82940 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-os_3.2.0.imx.bb @@ -0,0 +1,96 @@ +# Copyright (C) 2017-2018 NXP + +SUMMARY = "OPTEE OS" +DESCRIPTION = "OPTEE OS" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b" + +inherit deploy python3native autotools +DEPENDS = "python3-pycrypto-native u-boot-mkimage-native" + +SRCBRANCH = "lf-5.4.y" +OPTEE_OS_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-os.git;protocol=https" +SRC_URI = "\ + ${OPTEE_OS_SRC};branch=${SRCBRANCH} \ + file://0001-scripts-update-scripts-to-use-python3.patch \ + file://0001-optee-os-fix-gcc10-compilation-issue-and-missing-cc-.patch \ +" + +SRCREV = "6d99b525af752ecdaabdca6098b2564b2665f2b2" + +S = "${WORKDIR}/git" +B = "${WORKDIR}/build.${PLATFORM_FLAVOR}" + +# The platform flavor corresponds to the Yocto machine without the leading 'i'. +PLATFORM_FLAVOR = "${@d.getVar('MACHINE')[1:]}" +PLATFORM_FLAVOR_imx6qpdlsolox = "mx6qsabresd" +PLATFORM_FLAVOR_imx6ul7d = "mx6ulevk" +PLATFORM_FLAVOR_imx6ull14x14evk = "mx6ullevk" +PLATFORM_FLAVOR_imx6ull9x9evk = "mx6ullevk" +PLATFORM_FLAVOR_imx6ulz14x14evk = "mx6ulzevk" +PLATFORM_FLAVOR_mx8mm = "mx8mmevk" +PLATFORM_FLAVOR_mx8mn = "mx8mnevk" +PLATFORM_FLAVOR_mx8qxp = "mx8qxpmek" + +OPTEE_ARCH ?= "arm32" +OPTEE_ARCH_armv7a = "arm32" +OPTEE_ARCH_aarch64 = "arm64" + +# Optee-os can be built for 32 bits and 64 bits at the same time +# as long as the compilers are correctly defined. +# For 64bits, CROSS_COMPILE64 must be set +# When defining CROSS_COMPILE and CROSS_COMPILE64, we assure that +# any 32 or 64 bits builds will pass +EXTRA_OEMAKE = "PLATFORM=imx PLATFORM_FLAVOR=${PLATFORM_FLAVOR} \ + CROSS_COMPILE=${HOST_PREFIX} \ + CROSS_COMPILE64=${HOST_PREFIX} \ + NOWERROR=1 \ + LDFLAGS= \ + O=${B} \ + " + + +do_compile () { + unset LDFLAGS + export CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_HOST}" + oe_runmake -C ${S} all CFG_TEE_TA_LOG_LEVEL=0 +} + + +do_deploy () { + install -d ${DEPLOYDIR} + ${TARGET_PREFIX}objcopy -O binary ${B}/core/tee.elf ${DEPLOYDIR}/tee.${PLATFORM_FLAVOR}.bin + + if [ "${OPTEE_ARCH}" != "arm64" ]; then + IMX_LOAD_ADDR=`cat ${B}/core/tee-init_load_addr.txt` && \ + uboot-mkimage -A arm -O linux -C none -a ${IMX_LOAD_ADDR} -e ${IMX_LOAD_ADDR} \ + -d ${DEPLOYDIR}/tee.${PLATFORM_FLAVOR}.bin ${DEPLOYDIR}/uTee-${OPTEE_BIN_EXT} + fi + + cd ${DEPLOYDIR} + ln -sf tee.${PLATFORM_FLAVOR}.bin tee.bin + cd - +} + +do_install () { + install -d ${D}${nonarch_base_libdir}/firmware/ + install -m 644 ${B}/core/*.bin ${D}${nonarch_base_libdir}/firmware/ + + # Install the TA devkit + install -d ${D}/usr/include/optee/export-user_ta_${OPTEE_ARCH}/ + + for f in ${B}/export-ta_${OPTEE_ARCH}/*; do + cp -aR $f ${D}/usr/include/optee/export-user_ta_${OPTEE_ARCH}/ + done +} + +addtask deploy after do_compile before do_install + + +FILES_${PN} = "${nonarch_base_libdir}/firmware/" +FILES_${PN}-staticdev = "/usr/include/optee/" +RDEPENDS_${PN}-dev += "${PN}-staticdev" + +PACKAGE_ARCH = "${MACHINE_ARCH}" +COMPATIBLE_MACHINE = "(imx)" diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0001-use-python3-instead-of-python.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0001-use-python3-instead-of-python.patch new file mode 100644 index 00000000..20f190af --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0001-use-python3-instead-of-python.patch @@ -0,0 +1,48 @@ +From 6271160639002a2580d80b75b5397a96d56329f2 Mon Sep 17 00:00:00 2001 +From: Scott Branden <scott.branden@broadcom.com> +Date: Fri, 27 Dec 2019 12:54:28 -0800 +Subject: [PATCH] use python3 instead of python + +use python3 instead of python as python2 is EOL January 2020. + +Signed-off-by: Scott Branden <scott.branden@broadcom.com> +Reviewed-by: Jerome Forissier <jerome@forissier.org> +Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU, CFG_GCM_NIST_VECTORS=y) +Upstream-Status: Backport from v3.8.0 +--- + scripts/file_to_c.py | 4 ++-- + scripts/rsp_to_gcm_test.py | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/scripts/file_to_c.py b/scripts/file_to_c.py +index ae16f52..b4ce2a2 100755 +--- a/scripts/file_to_c.py ++++ b/scripts/file_to_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2018, Linaro Limited +@@ -29,7 +29,7 @@ def main(): + + f.write("const uint8_t " + args.name + "[] = {\n") + i = 0 +- for x in array.array("B", inf.read()): ++ for x in array.array("B", map(ord, (inf.read()))): + f.write("0x" + '{0:02x}'.format(x) + ",") + i = i + 1 + if i % 8 == 0: +diff --git a/scripts/rsp_to_gcm_test.py b/scripts/rsp_to_gcm_test.py +index 0543541..e4418be 100755 +--- a/scripts/rsp_to_gcm_test.py ++++ b/scripts/rsp_to_gcm_test.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + modes = {'encrypt': 0, 'decrypt': 1} + +-- +2.7.4 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0003-sock_server-fix-compilation-against-musl-sys-errno.h.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0003-sock_server-fix-compilation-against-musl-sys-errno.h.patch new file mode 100644 index 00000000..d32a8eb7 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0003-sock_server-fix-compilation-against-musl-sys-errno.h.patch @@ -0,0 +1,41 @@ +From dc8cd1c43edeedb9f7335020537c4ffdddd683f8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <andre.draszik@jci.com> +Date: Thu, 7 Feb 2019 01:26:53 +0000 +Subject: [PATCH 1/3] sock_server: fix compilation against musl (sys/errno.h) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Compiling against musl-libc fails with the following error: + +| In file included from .../host/xtest/sock_server.c:24: +| .../usr/include/sys/errno.h:1:2: error: #warning redirecting incorrect #include <sys/errno.h> to <errno.h> [-Werror=cpp] +| #warning redirecting incorrect #include <sys/errno.h> to <errno.h> +| ^~~~~~~ + +Just remove the needless include. + +Signed-off-by: André Draszik <andre.draszik@jci.com> +Acked-by: Jens Wiklander <jens.wiklander@linaro.org> +Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> +--- +Signed-off-by: André Draszik <andre.draszik@jci.com> +Upstream-Status: Backport [3.5.0] + host/xtest/sock_server.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/host/xtest/sock_server.c b/host/xtest/sock_server.c +index 0d2ff06..1ba73d6 100644 +--- a/host/xtest/sock_server.c ++++ b/host/xtest/sock_server.c +@@ -21,7 +21,6 @@ + #include <netdb.h> + #include <netinet/in.h> + #include <poll.h> +-#include <sys/errno.h> + #include <sys/socket.h> + #include <unistd.h> + +-- +2.23.0.rc1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0004-build-ignore-declaration-after-statement-warnings.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0004-build-ignore-declaration-after-statement-warnings.patch new file mode 100644 index 00000000..ed45df60 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0004-build-ignore-declaration-after-statement-warnings.patch @@ -0,0 +1,62 @@ +From 1401b89684ee81bf0b3d3dea06e2926b24ba3f97 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <andre.draszik@jci.com> +Date: Thu, 7 Feb 2019 01:29:08 +0000 +Subject: [PATCH 2/3] build: ignore declaration-after-statement warnings +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +| Makefile:37: recipe for target 'xtest' failed +| make: *** [xtest] Error 2 +| make: *** Waiting for unfinished jobs.... +| arith_taf.c: In function 'get_handle': +| arith_taf.c:56:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| int h = handle_get(&hdb, ptr); +| ^~~ +| arith_taf.c: In function 'ta_entry_arith_new_var': +| arith_taf.c:82:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| size_t len = TEE_BigIntSizeInU32(params[0].value.a); +| ^~~~~~ +| arith_taf.c: In function 'ta_entry_arith_new_fmm_var': +| arith_taf.c:129:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| size_t len = TEE_BigIntFMMSizeInU32(params[0].value.a); +| ^~~~~~ +| arith_taf.c: In function 'ta_entry_arith_free_handle': +| arith_taf.c:150:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| void *ptr = put_handle(params[0].value.a & ~HT_MASK); +| ^~~~ +| arith_taf.c: In function 'ta_entry_arith_from_octet_string': +| arith_taf.c:165:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| TEE_BigInt *big_int = lookup_handle(HT_BIGINT, params[0].value.a); +| ^~~~~~~~~~ +| arith_taf.c: In function 'ta_entry_arith_from_s32': +| arith_taf.c:181:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| TEE_BigInt *big_int = lookup_handle(HT_BIGINT, params[0].value.a); +| ^~~~~~~~~~ + +etc. + +Signed-off-by: André Draszik <andre.draszik@jci.com> +Acked-by: Jens Wiklander <jens.wiklander@linaro.org> +Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> +--- +Signed-off-by: André Draszik <andre.draszik@jci.com> +Upstream-Status: Backport [3.5.0] + host/xtest/Makefile | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/host/xtest/Makefile b/host/xtest/Makefile +index f4291e0..e97e555 100644 +--- a/host/xtest/Makefile ++++ b/host/xtest/Makefile +@@ -154,6 +154,7 @@ CFLAGS += -Wall -Wcast-align -Werror \ + -Wmissing-prototypes -Wnested-externs -Wpointer-arith \ + -Wshadow -Wstrict-prototypes -Wswitch-default \ + -Wwrite-strings \ ++ -Wno-declaration-after-statement \ + -Wno-missing-field-initializers -Wno-format-zero-length + endif + +-- +2.23.0.rc1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0005-benchmark_1000-fix-compilation-against-musl-uint.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0005-benchmark_1000-fix-compilation-against-musl-uint.patch new file mode 100644 index 00000000..58734aa4 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0005-benchmark_1000-fix-compilation-against-musl-uint.patch @@ -0,0 +1,57 @@ +From f74e9f339a8e8cb97fc8ea03bef51d7e3862a60a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <andre.draszik@jci.com> +Date: Thu, 7 Feb 2019 01:31:27 +0000 +Subject: [PATCH 3/3] benchmark_1000: fix compilation against musl (uint) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Compiling against musl-libc fails with the following error: + +| .../host/xtest/benchmark_1000.c: In function 'show_test_result': +| .../host/xtest/benchmark_1000.c:102:2: error: unknown type name 'uint'; did you mean 'int'? +| uint i; +| ^~~~ +| int +| ...host/xtest/benchmark_1000.c:108:16: error: comparison of integer expressions of different signedness: 'int' and 'size_t' {aka 'unsigned int'} [-Werror=sign-compare] +| for (i = 0; i < size; i++) { +| ^ + +etc. + +Convert to using more standard size_t + +Signed-off-by: André Draszik <andre.draszik@jci.com> +Acked-by: Jens Wiklander <jens.wiklander@linaro.org> +Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> +--- +Signed-off-by: André Draszik <andre.draszik@jci.com> +Upstream-Status: Backport [3.5.0] + host/xtest/benchmark_1000.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/host/xtest/benchmark_1000.c b/host/xtest/benchmark_1000.c +index bf92fa0..1caf420 100644 +--- a/host/xtest/benchmark_1000.c ++++ b/host/xtest/benchmark_1000.c +@@ -99,7 +99,7 @@ static TEEC_Result run_chunk_access_test(enum storage_benchmark_cmd cmd, + + static void show_test_result(struct test_record records[], size_t size) + { +- uint i; ++ size_t i; + + printf("-----------------+---------------+----------------\n"); + printf(" Data Size (B) \t | Time (s)\t | Speed (kB/s)\t \n"); +@@ -119,7 +119,7 @@ static void chunk_test(ADBG_Case_t *c, enum storage_benchmark_cmd cmd) + { + uint32_t chunk_size = DEFAULT_CHUNK_SIZE; + struct test_record records[ARRAY_SIZE(data_size_table) - 1]; +- uint i; ++ size_t i; + + for (i = 0; data_size_table[i]; i++) { + ADBG_EXPECT_TEEC_SUCCESS(c, +-- +2.23.0.rc1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0006-regression_8100-use-null-terminated-strings-with-fil.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0006-regression_8100-use-null-terminated-strings-with-fil.patch new file mode 100644 index 00000000..1a5c4044 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0006-regression_8100-use-null-terminated-strings-with-fil.patch @@ -0,0 +1,88 @@ +From 7d566ed585d1e13f444d48fde5705b5be54de4af Mon Sep 17 00:00:00 2001 +From: Ricardo Salveti <ricardo@foundries.io> +Date: Wed, 26 Jun 2019 17:32:11 -0300 +Subject: [PATCH] regression_8100: use null terminated strings with file_to_c + +GCC 9 is more strict with string manipulation, causing the build to +fail as the string data converted via file_to_c is not null terminated, +as described by the following build error: + +regression_8100.c:100:29: error: '%*s' directive argument is not a +nul-terminated string [-Werror=format-overflow=] +tlen = myasprintf(&trust, "%*s", (int)sizeof(regression_8100_ca_crt), + ^~~ + regression_8100_ca_crt); + ~~~~~~~~~~~~~~~~~~~~~~ + +Change file_to_c to terminate the string after conversion and update the +string size to remove the null terminated byte. Also update +regression_8100 to use the size variable defined via file_to_c instead +of manually calling sizeof. + +Signed-off-by: Ricardo Salveti <ricardo@foundries.io> +Acked-by: Jens Wiklander <jens.wiklander@linaro.org> +--- +Signed-off-by: André Draszik <andre.draszik@jci.com> +Upstream-Status: Backport [3.6.0] + host/xtest/regression_8100.c | 10 +++++----- + scripts/file_to_c.py | 4 ++-- + 2 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/host/xtest/regression_8100.c b/host/xtest/regression_8100.c +index 04d62d9..13780e1 100644 +--- a/host/xtest/regression_8100.c ++++ b/host/xtest/regression_8100.c +@@ -91,13 +91,13 @@ static void test_8102(ADBG_Case_t *c) + return; + + clen = myasprintf(&chain, "%*s\n%*s", +- (int)sizeof(regression_8100_my_crt), ++ (int)regression_8100_my_crt_size, + regression_8100_my_crt, +- (int)sizeof(regression_8100_mid_crt), ++ (int)regression_8100_mid_crt_size, + regression_8100_mid_crt); + if (!ADBG_EXPECT_COMPARE_SIGNED(c, clen, !=, -1)) + goto out; +- tlen = myasprintf(&trust, "%*s", (int)sizeof(regression_8100_ca_crt), ++ tlen = myasprintf(&trust, "%*s", (int)regression_8100_ca_crt_size, + regression_8100_ca_crt); + if (!ADBG_EXPECT_COMPARE_SIGNED(c, tlen, !=, -1)) + goto out; +@@ -282,7 +282,7 @@ static void test_8103(ADBG_Case_t *c) + NULL, &ret_orig))) + return; + +- clen = myasprintf(&csr, "%*s", (int)sizeof(regression_8100_my_csr), ++ clen = myasprintf(&csr, "%*s", (int)regression_8100_my_csr_size, + regression_8100_my_csr); + if (!ADBG_EXPECT_COMPARE_SIGNED(c, clen, >=, 0)) + goto out; +@@ -300,7 +300,7 @@ static void test_8103(ADBG_Case_t *c) + if (!ADBG_EXPECT_TEEC_SUCCESS(c, res)) + goto out; + +- myasprintf(&ca, "%*s", (int)sizeof(regression_8100_ca_crt), ++ myasprintf(&ca, "%*s", (int)regression_8100_ca_crt_size, + regression_8100_ca_crt); + if (!ADBG_EXPECT_NOT_NULL(c, ca)) + goto out; +diff --git a/scripts/file_to_c.py b/scripts/file_to_c.py +index 83a9832..ae16f52 100755 +--- a/scripts/file_to_c.py ++++ b/scripts/file_to_c.py +@@ -37,9 +37,9 @@ def main(): + else: + f.write(" ") + +- f.write("};\n") ++ f.write("'\\0'};\n") + f.write("const size_t " + args.name + "_size = sizeof(" + +- args.name + ");\n") ++ args.name + ") - 1;\n") + + f.close() + inf.close() +-- +2.23.0.rc1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test_3.2.0.imx.bb b/bsp/meta-freescale/recipes-security/optee-imx/optee-test_3.2.0.imx.bb new file mode 100644 index 00000000..c78f9816 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test_3.2.0.imx.bb @@ -0,0 +1,58 @@ +# Copyright (C) 2017-2018 NXP + +SUMMARY = "OPTEE test" +HOMEPAGE = "http://www.optee.org/" + +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=daa2bcccc666345ab8940aab1315a4fa" + +DEPENDS = "optee-os optee-client python3-pycrypto-native openssl" +inherit python3native + +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" + +SRCBRANCH = "lf-5.4.y" +OPTEE_TEST_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-test.git;protocol=https" + +SRC_URI = "${OPTEE_TEST_SRC};branch=${SRCBRANCH} \ + file://0003-sock_server-fix-compilation-against-musl-sys-errno.h.patch \ + file://0004-build-ignore-declaration-after-statement-warnings.patch \ + file://0005-benchmark_1000-fix-compilation-against-musl-uint.patch \ + file://0006-regression_8100-use-null-terminated-strings-with-fil.patch \ + file://0001-use-python3-instead-of-python.patch \ +" + +S = "${WORKDIR}/git" + +SRCREV = "b7114b828b82f2c0eec124ed424eff1230cc5319" + +OPTEE_ARCH ?= "arm32" +OPTEE_ARCH_armv7a = "arm32" +OPTEE_ARCH_aarch64 = "arm64" + +do_compile () { + export TA_DEV_KIT_DIR=${STAGING_INCDIR}/optee/export-user_ta_${OPTEE_ARCH}/ + export ARCH=${OPTEE_ARCH} + + export OPTEE_CLIENT_EXPORT=${STAGING_DIR_HOST}/usr + export CROSS_COMPILE_HOST=${HOST_PREFIX} + export CROSS_COMPILE_TA=${HOST_PREFIX} + export CROSS_COMPILE=${HOST_PREFIX} + export OPTEE_OPENSSL_EXPORT=${STAGING_INCDIR}/ + oe_runmake V=1 --warn-undefined-variables +} + +do_install () { + install -d ${D}/usr/bin + install ${S}/out/xtest/xtest ${D}/usr/bin/ + + install -d ${D}/lib/optee_armtz + find ${S}/out/ta -name '*.ta' | while read name; do + install -m 444 $name ${D}/lib/optee_armtz/ + done + +} + +FILES_${PN} = "/usr/bin/ /lib*/optee_armtz/" + +COMPATIBLE_MACHINE = "(mx6|mx7|mx8)" |