diff options
Diffstat (limited to 'bsp/meta-freescale/recipes-security/optee')
8 files changed, 318 insertions, 51 deletions
diff --git a/bsp/meta-freescale/recipes-security/optee/optee-client-qoriq.bb b/bsp/meta-freescale/recipes-security/optee/optee-client-qoriq.bb index 6aaf714c..af5fc095 100644 --- a/bsp/meta-freescale/recipes-security/optee/optee-client-qoriq.bb +++ b/bsp/meta-freescale/recipes-security/optee/optee-client-qoriq.bb @@ -4,15 +4,13 @@ HOMEPAGE = "https://github.com/qoriq-open-source/optee_client" LICENSE = "BSD" LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=69663ab153298557a59c67a60a743e5b" -inherit pythonnative systemd +inherit python3native systemd SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_client;nobranch=1 \ - file://0001-GCC-8-format-truncation-error.patch \ - file://0001-flags-CFLAGS-add-Wno-cpp.patch \ " S = "${WORKDIR}/git" -SRCREV = "ab3c79ccd3ea9323e236d30037977c0a19944dbd" +SRCREV = "08428734c67fb559e420d87fa52fd74a955ea1bd" EXTRA_OEMAKE = "ARCH=arm64" diff --git a/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-Fix-alignment-of-data-for-mempool_alloc_pool.patch b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-Fix-alignment-of-data-for-mempool_alloc_pool.patch new file mode 100644 index 00000000..e22bd6c0 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-Fix-alignment-of-data-for-mempool_alloc_pool.patch @@ -0,0 +1,148 @@ +From b2dd8747125be413f9b8b7fd7e52f457cabd709c Mon Sep 17 00:00:00 2001 +From: Jens Wiklander <jens.wiklander@linaro.org> +Date: Tue, 5 Feb 2019 13:05:29 +0100 +Subject: [PATCH] Fix alignment of data for mempool_alloc_pool() + +Upstream-Status: Submitted + +Prior to this patch was _TEE_MathAPI_Init() in +lib/libutee/tee_api_arith_mpi.c supplying a data buffer which was only 4 +byte aligned while mempool_alloc_pool() requires the alignment of long. +This will work in 32-bit mode, but could lead to alignment problem in +64-bit mode. The same problem can happen with +lib/libutee/tee_api_arith_mpa.c, but so far it has remained hidden. + +Incorrect alignment can result in errors like: +E/TA: assertion '!((vaddr_t)data & (POOL_ALIGN - 1))' failed at lib/libutils/ext/mempool.c:134 in mempool_alloc_pool() + +This fix introduces MEMPOOL_ALIGN which specifies required alignment of +data supplied to mempool_alloc_pool(). + +Fixes: 062e3d01c039 ("ta: switch to to mbedtls for bignum") +Reviewed-by: Joakim Bech <joakim.bech@linaro.org> +Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU v8) +Acked-by: Jerome Forissier <jerome.forissier@linaro.org> +Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> +--- + core/lib/libtomcrypt/src/mpa_desc.c | 2 +- + core/lib/libtomcrypt/src/mpi_desc.c | 2 +- + lib/libutee/tee_api_arith_mpa.c | 3 ++- + lib/libutee/tee_api_arith_mpi.c | 3 +-- + lib/libutils/ext/include/mempool.h | 5 ++++- + lib/libutils/ext/mempool.c | 9 ++++----- + 6 files changed, 13 insertions(+), 11 deletions(-) + +diff --git a/core/lib/libtomcrypt/src/mpa_desc.c b/core/lib/libtomcrypt/src/mpa_desc.c +index b407f54..58aa242 100644 +--- a/core/lib/libtomcrypt/src/mpa_desc.c ++++ b/core/lib/libtomcrypt/src/mpa_desc.c +@@ -40,7 +40,7 @@ static struct mempool *get_mpa_scratch_memory_pool(void) + #else /* CFG_WITH_PAGER */ + static struct mempool *get_mpa_scratch_memory_pool(void) + { +- static uint32_t data[LTC_MEMPOOL_U32_SIZE] __aligned(__alignof__(long)); ++ static uint32_t data[LTC_MEMPOOL_U32_SIZE] __aligned(MEMPOOL_ALIGN); + + return mempool_alloc_pool(data, sizeof(data), NULL); + } +diff --git a/core/lib/libtomcrypt/src/mpi_desc.c b/core/lib/libtomcrypt/src/mpi_desc.c +index a43fbb4..67bc3a7 100644 +--- a/core/lib/libtomcrypt/src/mpi_desc.c ++++ b/core/lib/libtomcrypt/src/mpi_desc.c +@@ -38,7 +38,7 @@ static struct mempool *get_mp_scratch_memory_pool(void) + #else /* CFG_WITH_PAGER */ + static struct mempool *get_mp_scratch_memory_pool(void) + { +- static uint8_t data[MPI_MEMPOOL_SIZE] __aligned(__alignof__(long)); ++ static uint8_t data[MPI_MEMPOOL_SIZE] __aligned(MEMPOOL_ALIGN); + + return mempool_alloc_pool(data, sizeof(data), NULL); + } +diff --git a/lib/libutee/tee_api_arith_mpa.c b/lib/libutee/tee_api_arith_mpa.c +index 0f6c7f1..a8ca6aa 100644 +--- a/lib/libutee/tee_api_arith_mpa.c ++++ b/lib/libutee/tee_api_arith_mpa.c +@@ -19,7 +19,8 @@ + + static uint32_t mempool_u32[mpa_scratch_mem_size_in_U32( + MPA_INTERNAL_MEM_POOL_SIZE, +- CFG_TA_BIGNUM_MAX_BITS)]; ++ CFG_TA_BIGNUM_MAX_BITS)] ++ __aligned(MEMPOOL_ALIGN); + static mpa_scratch_mem mempool; + + /************************************************************* +diff --git a/lib/libutee/tee_api_arith_mpi.c b/lib/libutee/tee_api_arith_mpi.c +index 8e2751b..6b074e1 100644 +--- a/lib/libutee/tee_api_arith_mpi.c ++++ b/lib/libutee/tee_api_arith_mpi.c +@@ -42,8 +42,7 @@ static void __noreturn mpi_panic(const char *func, int line, int rc) + + void _TEE_MathAPI_Init(void) + { +- static uint8_t data[MPI_MEMPOOL_SIZE] +- __aligned(__alignof__(mbedtls_mpi_uint)); ++ static uint8_t data[MPI_MEMPOOL_SIZE] __aligned(MEMPOOL_ALIGN); + + mbedtls_mpi_mempool = mempool_alloc_pool(data, sizeof(data), NULL); + if (!mbedtls_mpi_mempool) +diff --git a/lib/libutils/ext/include/mempool.h b/lib/libutils/ext/include/mempool.h +index 62377df..2a60800 100644 +--- a/lib/libutils/ext/include/mempool.h ++++ b/lib/libutils/ext/include/mempool.h +@@ -19,9 +19,12 @@ struct mempool_item { + + struct mempool; + ++#define MEMPOOL_ALIGN __alignof__(long) ++ + /* + * mempool_alloc_pool() - Allocate a new memory pool +- * @data: a block of memory to carve out items from ++ * @data: a block of memory to carve out items from, must ++ * have an alignment of MEMPOOL_ALIGN. + * @size: size fo the block of memory + * @release_mem: function to call when the pool has been emptied, + * ignored if NULL. +diff --git a/lib/libutils/ext/mempool.c b/lib/libutils/ext/mempool.c +index f977699..6d38590 100644 +--- a/lib/libutils/ext/mempool.c ++++ b/lib/libutils/ext/mempool.c +@@ -53,7 +53,6 @@ + * So the potential fragmentation is mitigated. + */ + +-#define POOL_ALIGN __alignof__(long) + + struct mempool { + size_t size; /* size of the memory pool, in bytes */ +@@ -130,8 +129,8 @@ mempool_alloc_pool(void *data, size_t size, + { + struct mempool *pool = calloc(1, sizeof(*pool)); + +- COMPILE_TIME_ASSERT(POOL_ALIGN >= __alignof__(struct mempool_item)); +- assert(!((vaddr_t)data & (POOL_ALIGN - 1))); ++ COMPILE_TIME_ASSERT(MEMPOOL_ALIGN >= __alignof__(struct mempool_item)); ++ assert(!((vaddr_t)data & (MEMPOOL_ALIGN - 1))); + + if (pool) { + pool->size = size; +@@ -163,13 +162,13 @@ void *mempool_alloc(struct mempool *pool, size_t size) + pool->last_offset); + offset = pool->last_offset + last_item->size; + +- offset = ROUNDUP(offset, POOL_ALIGN); ++ offset = ROUNDUP(offset, MEMPOOL_ALIGN); + if (offset > pool->size) + goto error; + } + + size = sizeof(struct mempool_item) + size; +- size = ROUNDUP(size, POOL_ALIGN); ++ size = ROUNDUP(size, MEMPOOL_ALIGN); + if (offset + size > pool->size) + goto error; + +-- +2.7.4 + diff --git a/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-use-python3-instead-of-python.patch b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-use-python3-instead-of-python.patch new file mode 100644 index 00000000..6ecc6152 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-use-python3-instead-of-python.patch @@ -0,0 +1,80 @@ +diff --git a/scripts/arm32_sysreg.py b/scripts/arm32_sysreg.py +index bd0c619e..530b0f44 100755 +--- a/scripts/arm32_sysreg.py ++++ b/scripts/arm32_sysreg.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2018, Linaro Limited +diff --git a/scripts/gen_hashed_bin.py b/scripts/gen_hashed_bin.py +index 67b2b049..619cf26e 100755 +--- a/scripts/gen_hashed_bin.py ++++ b/scripts/gen_hashed_bin.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2014-2017, Linaro Limited +diff --git a/scripts/gen_ld_sects.py b/scripts/gen_ld_sects.py +index 43e812b5..bc82dd8b 100755 +--- a/scripts/gen_ld_sects.py ++++ b/scripts/gen_ld_sects.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +diff --git a/scripts/pem_to_pub_c.py b/scripts/pem_to_pub_c.py +index ddc17c18..69a4355c 100755 +--- a/scripts/pem_to_pub_c.py ++++ b/scripts/pem_to_pub_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2015, Linaro Limited +diff --git a/scripts/sign.py b/scripts/sign.py +index 84fd7714..f6e6b667 100755 +--- a/scripts/sign.py ++++ b/scripts/sign.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # + # Copyright (c) 2015, 2017, Linaro Limited + # +diff --git a/scripts/symbolize.py b/scripts/symbolize.py +index 99a48c70..cbd9884a 100755 +--- a/scripts/symbolize.py ++++ b/scripts/symbolize.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +diff --git a/scripts/ta_bin_to_c.py b/scripts/ta_bin_to_c.py +index 1496f816..a01e7f9b 100755 +--- a/scripts/ta_bin_to_c.py ++++ b/scripts/ta_bin_to_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +diff --git a/scripts/tee_bin_parser.py b/scripts/tee_bin_parser.py +index 8356ad5d..4409074b 100755 +--- a/scripts/tee_bin_parser.py ++++ b/scripts/tee_bin_parser.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2016, Linaro Limited diff --git a/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq_git.bb b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq_git.bb index c8ebe2bf..6ffe8298 100644 --- a/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq_git.bb +++ b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq_git.bb @@ -4,17 +4,21 @@ DESCRIPTION = "OPTEE OS" LICENSE = "BSD" LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=69663ab153298557a59c67a60a743e5b" -DEPENDS = "python-pycrypto-native" +DEPENDS = "python3-pycrypto-native" -inherit deploy pythonnative +inherit deploy python3native -SRCREV = "e93f053213c574ec1b97f9e56b2f31692cd3723c" +SRCREV = "4e8d2e5307b99a91a0cac3ea3560ecb7d62898d6" SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_os;nobranch=1 \ file://0001-allow-setting-sysroot-for-libgcc-lookup.patch \ + file://0001-Fix-alignment-of-data-for-mempool_alloc_pool.patch \ + file://0001-use-python3-instead-of-python.patch \ " S = "${WORKDIR}/git" OPTEEMACHINE ?= "${MACHINE}" +OPTEEMACHINE_ls1088ardb-pb = "ls1088ardb" +OPTEEMACHINE_ls1046afrwy = "ls1046ardb" EXTRA_OEMAKE = "PLATFORM=ls-${OPTEEMACHINE} CFG_ARM64_core=y \ ARCH=arm \ diff --git a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-8.patch b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-8.patch deleted file mode 100644 index bad7c5e0..00000000 --- a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-8.patch +++ /dev/null @@ -1,40 +0,0 @@ -From d877fddcef79e856193b9b0a3a3089c22151047f Mon Sep 17 00:00:00 2001 -From: Chunrong Guo <chunrong.guo@nxp.com> -Date: Fri, 29 Jun 2018 15:49:34 +0800 -Subject: [PATCH] fix build failure with GCC 8 - -Signed-off-by: BJ DevOps Team <bjdevops@NXP1.onmicrosoft.com> ---- - host/xtest/Makefile | 2 ++ - host/xtest/adbg/src/adbg_run.c | 2 +- - 2 files changed, 3 insertions(+), 1 deletion(-) - -diff --git a/host/xtest/Makefile b/host/xtest/Makefile -index 832cba2..d95899d 100644 ---- a/host/xtest/Makefile -+++ b/host/xtest/Makefile -@@ -139,6 +139,8 @@ CFLAGS += -Wall -Wcast-align -Werror \ - -Wmissing-prototypes -Wnested-externs -Wpointer-arith \ - -Wshadow -Wstrict-prototypes -Wswitch-default \ - -Wwrite-strings \ -+ -Wno-stringop-overflow \ -+ -Wno-array-bounds \ - -Wno-missing-field-initializers -Wno-format-zero-length - endif - -diff --git a/host/xtest/adbg/src/adbg_run.c b/host/xtest/adbg/src/adbg_run.c -index 406e429..3b57bbb 100644 ---- a/host/xtest/adbg/src/adbg_run.c -+++ b/host/xtest/adbg/src/adbg_run.c -@@ -100,7 +100,7 @@ int Do_ADBG_AppendToSuite( - snprintf(p, size, "%s+%s", Dest_p->SuiteID_p, - Source_p->SuiteID_p); - else -- strncpy(p, Source_p->SuiteID_p, size); -+ memcpy(p, Source_p->SuiteID_p, size); - free((void *)Dest_p->SuiteID_p); - Dest_p->SuiteID_p = p; - --- -1.8.3.1 - diff --git a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-9.patch b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-9.patch new file mode 100644 index 00000000..9b912777 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-9.patch @@ -0,0 +1,28 @@ +From 79330c8383e02e91a355964a3cc7b932d03c2517 Mon Sep 17 00:00:00 2001 +From: Chunrong Guo <chunrong.guo@nxp.com> +Date: Wed, 10 Jul 2019 11:09:01 +0200 +Subject: [PATCH] fix build failure with GCC 9 + +Upstream-Status: Inappropriate [embedded specific] + +Signed-off-by: C.r. Guo <nxa13725@lsv07004.swis.us-cdc01.nxp.com> +--- + host/xtest/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/host/xtest/Makefile b/host/xtest/Makefile +index e4e2881..e86e056 100644 +--- a/host/xtest/Makefile ++++ b/host/xtest/Makefile +@@ -152,7 +152,7 @@ CFLAGS += -Wall -Wcast-align -Werror \ + -Wmissing-include-dirs -Wmissing-noreturn \ + -Wmissing-prototypes -Wnested-externs -Wpointer-arith \ + -Wshadow -Wstrict-prototypes -Wswitch-default \ +- -Wwrite-strings \ ++ -Wwrite-strings -Wno-format-overflow \ + -Wno-missing-field-initializers -Wno-format-zero-length + endif + +-- +2.7.4 + diff --git a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-use-python3-instead-of-python.patch b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-use-python3-instead-of-python.patch new file mode 100644 index 00000000..20f190af --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-use-python3-instead-of-python.patch @@ -0,0 +1,48 @@ +From 6271160639002a2580d80b75b5397a96d56329f2 Mon Sep 17 00:00:00 2001 +From: Scott Branden <scott.branden@broadcom.com> +Date: Fri, 27 Dec 2019 12:54:28 -0800 +Subject: [PATCH] use python3 instead of python + +use python3 instead of python as python2 is EOL January 2020. + +Signed-off-by: Scott Branden <scott.branden@broadcom.com> +Reviewed-by: Jerome Forissier <jerome@forissier.org> +Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU, CFG_GCM_NIST_VECTORS=y) +Upstream-Status: Backport from v3.8.0 +--- + scripts/file_to_c.py | 4 ++-- + scripts/rsp_to_gcm_test.py | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/scripts/file_to_c.py b/scripts/file_to_c.py +index ae16f52..b4ce2a2 100755 +--- a/scripts/file_to_c.py ++++ b/scripts/file_to_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2018, Linaro Limited +@@ -29,7 +29,7 @@ def main(): + + f.write("const uint8_t " + args.name + "[] = {\n") + i = 0 +- for x in array.array("B", inf.read()): ++ for x in array.array("B", map(ord, (inf.read()))): + f.write("0x" + '{0:02x}'.format(x) + ",") + i = i + 1 + if i % 8 == 0: +diff --git a/scripts/rsp_to_gcm_test.py b/scripts/rsp_to_gcm_test.py +index 0543541..e4418be 100755 +--- a/scripts/rsp_to_gcm_test.py ++++ b/scripts/rsp_to_gcm_test.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + modes = {'encrypt': 0, 'decrypt': 1} + +-- +2.7.4 + diff --git a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq_git.bb b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq_git.bb index a9aaffc7..b66725c7 100644 --- a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq_git.bb +++ b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq_git.bb @@ -4,16 +4,17 @@ HOMEPAGE = "https://github.com/qoriq-open-source/optee_test" LICENSE = "BSD & GPLv2" LIC_FILES_CHKSUM = "file://${S}/LICENSE.md;md5=daa2bcccc666345ab8940aab1315a4fa" -DEPENDS = "optee-client-qoriq optee-os-qoriq python-pycrypto-native" +DEPENDS = "optee-client-qoriq optee-os-qoriq python3-pycrypto-native" -inherit pythonnative +inherit python3native SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_test;nobranch=1 \ - file://0001-fix-build-failure-with-GCC-8.patch \ + file://0001-fix-build-failure-with-GCC-9.patch \ + file://0001-use-python3-instead-of-python.patch \ " S = "${WORKDIR}/git" -SRCREV = "83c87d9b368c33545688c7aad27432ff9a22868f" +SRCREV = "669058459e4a544be12f37dab103ee4c2b32e31d" OPTEE_CLIENT_EXPORT = "${STAGING_DIR_HOST}${prefix}" TEEC_EXPORT = "${STAGING_DIR_HOST}${prefix}" |