diff options
Diffstat (limited to 'bsp/meta-freescale/recipes-security')
20 files changed, 1470 insertions, 51 deletions
diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-client/0001-flags-do-not-override-CFLAGS-from-host.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-client/0001-flags-do-not-override-CFLAGS-from-host.patch new file mode 100644 index 00000000..86c360f2 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-client/0001-flags-do-not-override-CFLAGS-from-host.patch @@ -0,0 +1,54 @@ +From 6a600c5637c5446ab3d11eb4304a1dd473ec503e Mon Sep 17 00:00:00 2001 +From: Andrey Zhizhikin <andrey.z@gmail.com> +Date: Thu, 4 Jun 2020 19:24:05 +0000 +Subject: [PATCH] flags: do not override CFLAGS from host + +Some build systems set CFLAGS in environment before the build, but they +got overridden by CFLAGS immediate assignment operator. + +Replace immediate assignment with append directive and use override +directive, so the former definition of CFLAGS gets passed either from +command line or via environment is completely expanded (see [1] for +detailed explanation of override directive and variable append). + +Link: [1] https://www.gnu.org/software/make/manual/html_node/Override-Directive.html + +Upstream-Status: Backport [https://github.com/OP-TEE/optee_client/pull/211] + +Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com> +Reviewed-by: Jerome Forissier <jerome@forissier.org> +Reviewed-by: Joakim Bech <joakim.bech@linaro.org> +--- + flags.mk | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/flags.mk b/flags.mk +index 71f3d18..faabef9 100644 +--- a/flags.mk ++++ b/flags.mk +@@ -6,7 +6,7 @@ CROSS_COMPILE ?= arm-linux-gnueabihf- + CC ?= $(CROSS_COMPILE)gcc + AR ?= $(CROSS_COMPILE)ar + +-CFLAGS := -Wall -Wbad-function-cast -Wcast-align \ ++override CFLAGS += -Wall -Wbad-function-cast -Wcast-align \ + -Werror-implicit-function-declaration -Wextra \ + -Wfloat-equal -Wformat-nonliteral -Wformat-security \ + -Wformat=2 -Winit-self -Wmissing-declarations \ +@@ -15,11 +15,11 @@ CFLAGS := -Wall -Wbad-function-cast -Wcast-align \ + -Wpointer-arith -Wshadow -Wstrict-prototypes \ + -Wswitch-default -Wunsafe-loop-optimizations \ + -Wwrite-strings -Werror +-CFLAGS += -c -fPIC ++override CFLAGS += -c -fPIC + + DEBUG ?= 0 + ifeq ($(DEBUG), 1) +-CFLAGS += -DDEBUG -O0 -g ++override CFLAGS += -DDEBUG -O0 -g + endif + + RM := rm -f +-- +2.17.1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-client/tee-supplicant.service b/bsp/meta-freescale/recipes-security/optee-imx/optee-client/tee-supplicant.service new file mode 100644 index 00000000..0e2b4f6b --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-client/tee-supplicant.service @@ -0,0 +1,11 @@ +[Unit] +Description=TEE Supplicant + +[Service] +User=root +EnvironmentFile=-/etc/default/tee-supplicant +ExecStart=/usr/bin/tee-supplicant $OPTARGS + +[Install] +WantedBy=basic.target + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-client_3.2.0.imx.bb b/bsp/meta-freescale/recipes-security/optee-imx/optee-client_3.2.0.imx.bb new file mode 100644 index 00000000..19770849 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-client_3.2.0.imx.bb @@ -0,0 +1,52 @@ +# Copyright (C) 2017-2018 NXP + +SUMMARY = "OPTEE Client libs" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b" + +inherit python3native systemd + +SRCBRANCH = "lf-5.4.y" +OPTEE_CLIENT_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-client.git;protocol=https" +SRC_URI = "${OPTEE_CLIENT_SRC};branch=${SRCBRANCH}" + +SRCREV = "71a9bef78fff2d5d4db8a2307d3b91e2aa671dc9" + +SRC_URI += "file://tee-supplicant.service \ + file://0001-flags-do-not-override-CFLAGS-from-host.patch \ +" + +S = "${WORKDIR}/git" +SYSTEMD_SERVICE_${PN} = "tee-supplicant.service" + +OPTEE_ARCH ?= "arm32" +OPTEE_ARCH_armv7a = "arm32" +OPTEE_ARCH_aarch64 = "arm64" + +EXTRA_OEMAKE = "ARCH=${OPTEE_ARCH}" + +do_install () { + oe_runmake install + + install -D -p -m0644 ${S}/out/export/lib/libteec.so.1.0 ${D}${libdir}/libteec.so.1.0 + ln -sf libteec.so.1.0 ${D}${libdir}/libteec.so + ln -sf libteec.so.1.0 ${D}${libdir}/libteec.so.1 + + install -D -p -m0755 ${S}/out/export/bin/tee-supplicant ${D}${bindir}/tee-supplicant + + cp -a ${S}/out/export/include ${D}/usr/ + + sed -i -e s:/etc:${sysconfdir}:g -e s:/usr/bin:${bindir}:g ${WORKDIR}/tee-supplicant.service + install -D -p -m0644 ${WORKDIR}/tee-supplicant.service ${D}${systemd_system_unitdir}/tee-supplicant.service +} + +PACKAGES += "tee-supplicant" +FILES_${PN} += "${libdir}/* ${includedir}/*" +FILES_tee-supplicant += "${bindir}/tee-supplicant" + +INSANE_SKIP_${PN} = "ldflags dev-elf" +INSANE_SKIP_${PN}-dev = "ldflags dev-elf" +INSANE_SKIP_tee-supplicant = "ldflags" + +COMPATIBLE_MACHINE = "(mx6|mx7|mx8)" diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-optee-os-fix-gcc10-compilation-issue-and-missing-cc-.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-optee-os-fix-gcc10-compilation-issue-and-missing-cc-.patch new file mode 100644 index 00000000..509c7fb6 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-optee-os-fix-gcc10-compilation-issue-and-missing-cc-.patch @@ -0,0 +1,158 @@ +From 027a3b9a33fbb23e1d1d7ed6411d4d112d2a55a1 Mon Sep 17 00:00:00 2001 +From: Andrey Zhizhikin <andrey.z@gmail.com> +Date: Sat, 30 May 2020 22:00:59 +0000 +Subject: [PATCH] optee-os: fix gcc10 compilation issue and missing cc-options + +Backport PR 3891 from upstream to imx fork, which addressed compilation +failure when GCC10 is used. + +Additional changes ported fixed cc-options macro, which allows to query +compiler used if the desired option exists before it could be set. This +solves also the build issues when GCC9 is used to build this component. + +Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/3891] + +Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com> +--- + core/arch/arm/arm.mk | 21 ++++++++++++++++----- + core/core.mk | 5 +---- + mk/cc-option.mk | 9 +++++++++ + mk/gcc.mk | 2 +- + ta/mk/ta_dev_kit.mk | 3 +++ + ta/ta.mk | 1 + + 6 files changed, 31 insertions(+), 10 deletions(-) + create mode 100644 mk/cc-option.mk + +diff --git a/core/arch/arm/arm.mk b/core/arch/arm/arm.mk +index aa101be8..4123d85d 100644 +--- a/core/arch/arm/arm.mk ++++ b/core/arch/arm/arm.mk +@@ -1,3 +1,16 @@ ++# Setup compiler for the core module ++ifeq ($(CFG_ARM64_core),y) ++arch-bits-core := 64 ++else ++arch-bits-core := 32 ++endif ++CROSS_COMPILE_core := $(CROSS_COMPILE$(arch-bits-core)) ++COMPILER_core := $(COMPILER) ++include mk/$(COMPILER_core).mk ++ ++# Defines the cc-option macro using the compiler set for the core module ++include mk/cc-option.mk ++ + CFG_LTC_OPTEE_THREAD ?= y + # Size of emulated TrustZone protected SRAM, 448 kB. + # Only applicable when paging is enabled. +@@ -88,7 +101,7 @@ arm32-platform-aflags-no-hard-float ?= + + arm64-platform-cflags-no-hard-float ?= -mgeneral-regs-only + arm64-platform-cflags-hard-float ?= +-arm64-platform-cflags-generic ?= -mstrict-align ++arm64-platform-cflags-generic := -mstrict-align $(call cc-option,-mno-outline-atomics,) + + ifeq ($(DEBUG),1) + # For backwards compatibility +@@ -117,14 +130,12 @@ core-platform-aflags += $(platform-aflags-generic) + core-platform-aflags += $(platform-aflags-debug-info) + + ifeq ($(CFG_ARM64_core),y) +-arch-bits-core := 64 + core-platform-cppflags += $(arm64-platform-cppflags) + core-platform-cflags += $(arm64-platform-cflags) + core-platform-cflags += $(arm64-platform-cflags-generic) + core-platform-cflags += $(arm64-platform-cflags-no-hard-float) + core-platform-aflags += $(arm64-platform-aflags) + else +-arch-bits-core := 32 + core-platform-cppflags += $(arm32-platform-cppflags) + core-platform-cflags += $(arm32-platform-cflags) + core-platform-cflags += $(arm32-platform-cflags-no-hard-float) +@@ -196,5 +207,5 @@ ta-mk-file-export-add-ta_arm64 += CROSS_COMPILE64 ?= $$(CROSS_COMPILE)_nl_ + ta-mk-file-export-add-ta_arm64 += CROSS_COMPILE_ta_arm64 ?= $$(CROSS_COMPILE64)_nl_ + endif + +-# Set cross compiler prefix for each submodule +-$(foreach sm, core $(ta-targets), $(eval CROSS_COMPILE_$(sm) ?= $(CROSS_COMPILE$(arch-bits-$(sm))))) ++# Set cross compiler prefix for each TA target ++$(foreach sm, $(ta-targets), $(eval CROSS_COMPILE_$(sm) ?= $(CROSS_COMPILE$(arch-bits-$(sm))))) +diff --git a/core/core.mk b/core/core.mk +index c05815f3..68f45552 100644 +--- a/core/core.mk ++++ b/core/core.mk +@@ -8,6 +8,7 @@ arch-dir := core/arch/$(ARCH) + platform-dir := $(arch-dir)/plat-$(PLATFORM) + include $(platform-dir)/conf.mk + include mk/config.mk ++# $(ARCH).mk also sets the compiler for the core module + include core/arch/$(ARCH)/$(ARCH).mk + + PLATFORM_$(PLATFORM) := y +@@ -16,10 +17,6 @@ PLATFORM_FLAVOR_$(PLATFORM_FLAVOR) := y + $(call cfg-depends-all,CFG_PAGED_USER_TA,CFG_WITH_PAGER CFG_WITH_USER_TA) + include core/crypto.mk + +-# Setup compiler for this sub module +-COMPILER_$(sm) ?= $(COMPILER) +-include mk/$(COMPILER_$(sm)).mk +- + cppflags$(sm) += -D__KERNEL__ + + cppflags$(sm) += -Icore/include +diff --git a/mk/cc-option.mk b/mk/cc-option.mk +new file mode 100644 +index 00000000..4699fbcc +--- /dev/null ++++ b/mk/cc-option.mk +@@ -0,0 +1,9 @@ ++_cc-option-supported = $(if $(shell $(CC$(sm)) $(1) -c -x c /dev/null -o /dev/null 2>/dev/null >/dev/null || echo "Not supported"),,1) ++_cc-opt-cached-var-name = $(subst =,~,$(strip cached-cc-option-$(1)-$(subst $(empty) $(empty),,$(CC$(sm))))) ++define _cc-option ++$(eval _var_name := $(call _cc-opt-cached-var-name,$(1))) ++$(eval $(_var_name) := $(if $(filter $(origin $(_var_name)),undefined),$(call _cc-option-supported,$(1)),$($(_var_name)))) ++$(if $($(_var_name)),$(1),$(2)) ++endef ++cc-option = $(strip $(call _cc-option,$(1),$(2))) ++ +diff --git a/mk/gcc.mk b/mk/gcc.mk +index 1f2c5990..c53a23b1 100644 +--- a/mk/gcc.mk ++++ b/mk/gcc.mk +@@ -12,7 +12,7 @@ nostdinc$(sm) := -nostdinc -isystem $(shell $(CC$(sm)) \ + -print-file-name=include 2> /dev/null) + + # Get location of libgcc from gcc +-libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) $(comp-cflags$(sm)) \ ++libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \ + -print-libgcc-file-name 2> /dev/null) + + # Define these to something to discover accidental use +diff --git a/ta/mk/ta_dev_kit.mk b/ta/mk/ta_dev_kit.mk +index fa0bddfe..ae70ef87 100644 +--- a/ta/mk/ta_dev_kit.mk ++++ b/ta/mk/ta_dev_kit.mk +@@ -78,6 +78,9 @@ clean: + @$(cmd-echo-silent) ' CLEAN $(O)' + ${q}if [ -d "$(O)" ]; then $(RMDIR) $(O); fi + ++include $(ta-dev-kit-dir$(sm))/mk/$(COMPILER_$(sm)).mk ++include $(ta-dev-kit-dir$(sm))/mk/cc-option.mk ++ + subdirs = . + include $(ta-dev-kit-dir)/mk/subdir.mk + +diff --git a/ta/ta.mk b/ta/ta.mk +index 32353de3..9c64319d 100644 +--- a/ta/ta.mk ++++ b/ta/ta.mk +@@ -98,6 +98,7 @@ $(foreach f, $(libfiles), \ + + # Copy .mk files + ta-mkfiles = mk/compile.mk mk/subdir.mk mk/gcc.mk mk/cleandirs.mk \ ++ mk/cc-option.mk \ + ta/arch/$(ARCH)/link.mk ta/arch/$(ARCH)/link_shlib.mk \ + ta/mk/ta_dev_kit.mk + +-- +2.17.1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-scripts-update-scripts-to-use-python3.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-scripts-update-scripts-to-use-python3.patch new file mode 100644 index 00000000..9621cf6c --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-os/0001-scripts-update-scripts-to-use-python3.patch @@ -0,0 +1,427 @@ +From 0d4941123b5a88351f5954f6de00892f85ed5abc Mon Sep 17 00:00:00 2001 +From: Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com> +Date: Mon, 20 Jan 2020 22:32:13 +0000 +Subject: [PATCH] scripts: update scripts to use python3 + +Python2 is deprecated effective Jan. 2020, and is not available in +several distributions. + +Update scripts here to re-target then onto python version 3. + +Upstream-Status: Pending + +Signed-off-by: Andrey Zhizhikin <andrey.zhizhikin@leica-geosystems.com> +--- + scripts/gen_hashed_bin.py | 282 ++++++++++++++++++++------------------ + scripts/gen_ld_sects.py | 8 +- + scripts/pem_to_pub_c.py | 2 +- + scripts/sign.py | 2 +- + scripts/symbolize.py | 2 +- + scripts/ta_bin_to_c.py | 2 +- + scripts/tee_bin_parser.py | 2 +- + 7 files changed, 157 insertions(+), 143 deletions(-) + +diff --git a/scripts/gen_hashed_bin.py b/scripts/gen_hashed_bin.py +index 32350a47..a76a62cc 100755 +--- a/scripts/gen_hashed_bin.py ++++ b/scripts/gen_hashed_bin.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2014-2017, Linaro Limited +@@ -14,163 +14,177 @@ import hashlib + arch_id = {'arm32': 0, 'arm64': 1} + image_id = {'pager': 0, 'paged': 1} + ++ + def write_header_v1(outf, init_size, args, paged_size): +- magic = 0x4554504f # 'OPTE' +- version = 1; +- outf.write(struct.pack('<IBBHIIIII', \ +- magic, version, arch_id[args.arch], args.flags, init_size, \ +- args.init_load_addr_hi, args.init_load_addr_lo, \ +- args.init_mem_usage, paged_size)) ++ magic = 0x4554504f # 'OPTE' ++ version = 1 ++ outf.write(struct.pack('<IBBHIIIII', ++ magic, ++ version, ++ arch_id[args.arch], ++ args.flags, ++ init_size, ++ args.init_load_addr_hi, ++ args.init_load_addr_lo, ++ args.init_mem_usage, ++ paged_size)) ++ + + def write_header_v2(outf, init_size, args, paged_size): +- magic = 0x4554504f # 'OPTE' +- version = 2 +- nb_images = 1 if paged_size == 0 else 2 +- outf.write(struct.pack('<IBBHI', \ +- magic, version, arch_id[args.arch], args.flags, nb_images)) +- outf.write(struct.pack('<IIII', \ +- args.init_load_addr_hi, args.init_load_addr_lo, \ +- image_id['pager'], init_size)) +- if nb_images == 2: +- outf.write(struct.pack('<IIII', \ +- 0xffffffff, 0xffffffff, image_id['paged'], paged_size)) ++ magic = 0x4554504f # 'OPTE' ++ version = 2 ++ nb_images = 1 if paged_size == 0 else 2 ++ outf.write(struct.pack('<IBBHI', magic, version, ++ arch_id[args.arch], args.flags, nb_images)) ++ outf.write(struct.pack('<IIII', ++ args.init_load_addr_hi, args.init_load_addr_lo, ++ image_id['pager'], init_size)) ++ if nb_images == 2: ++ outf.write( ++ struct.pack( ++ '<IIII', ++ 0xffffffff, ++ 0xffffffff, ++ image_id['paged'], ++ paged_size)) ++ + + def append_to(outf, start_offs, in_fname, max_bytes=0xffffffff): +- #print "Appending %s@0x%x 0x%x bytes at position 0x%x" % \ +- #( in_fname, start_offs, max_bytes, int(outf.tell()) ) +- inf = open(in_fname, 'rb'); +- inf.seek(start_offs) +- while True : +- nbytes = min(16 * 1024, max_bytes) +- if nbytes == 0 : +- break +- #print "Reading %s %d bytes" % (in_fname, nbytes) +- buf = inf.read(nbytes) +- if not buf : +- break +- outf.write(buf) +- max_bytes -= len(buf) +- inf.close() ++ inf = open(in_fname, 'rb') ++ inf.seek(start_offs) ++ while True: ++ nbytes = min(16 * 1024, max_bytes) ++ if nbytes == 0: ++ break ++ buf = inf.read(nbytes) ++ if not buf: ++ break ++ outf.write(buf) ++ max_bytes -= len(buf) ++ inf.close() ++ + + def append_hashes(outf, in_fname): +- page_size = 4 * 1024 +- +- inf = open(in_fname, 'r') +- while True : +- page = inf.read(page_size) +- if len(page) == page_size : +- #print "Writing hash at position 0x%x" % \ +- #int(outf.tell()) +- outf.write(hashlib.sha256(page).digest()) +- elif len(page) == 0 : +- break +- else : +- print("Error: short read, got " + repr(len(page))) +- sys.exit(1) +- +- inf.close() ++ page_size = 4 * 1024 ++ ++ inf = open(in_fname, 'rb') ++ while True: ++ page = inf.read(page_size) ++ if len(page) == page_size: ++ outf.write(hashlib.sha256(page).digest()) ++ elif len(page) == 0: ++ break ++ else: ++ print("Error: short read, got {}".format(len(page))) ++ sys.exit(1) ++ ++ inf.close() ++ + + def int_parse(str): +- return int(str, 0) ++ return int(str, 0) ++ + + def get_args(): +- parser = argparse.ArgumentParser() +- parser.add_argument('--arch', required=True, \ +- choices=arch_id.keys(), \ +- help='Architecture') ++ parser = argparse.ArgumentParser() ++ parser.add_argument('--arch', required=True, ++ choices=list(arch_id.keys()), ++ help='Architecture') + +- parser.add_argument('--flags', \ +- type=int, default=0, \ +- help='Flags, currently none defined') ++ parser.add_argument('--flags', ++ type=int, default=0, ++ help='Flags, currently none defined') + +- parser.add_argument('--init_size', \ +- required=True, type=int_parse, \ +- help='Size of initialization part of binary') ++ parser.add_argument('--init_size', ++ required=True, type=int_parse, ++ help='Size of initialization part of binary') + +- parser.add_argument('--init_load_addr_hi', \ +- type=int_parse, default=0, \ +- help='Upper 32 bits of load address of binary') ++ parser.add_argument('--init_load_addr_hi', ++ type=int_parse, default=0, ++ help='Upper 32 bits of load address of binary') + +- parser.add_argument('--init_load_addr_lo', \ +- required=True, type=int_parse, \ +- help='Lower 32 bits of load address of binary') ++ parser.add_argument('--init_load_addr_lo', ++ required=True, type=int_parse, ++ help='Lower 32 bits of load address of binary') + +- parser.add_argument('--init_mem_usage', \ +- required=True, type=int_parse, \ +- help='Total amount of used memory when initializing'); ++ parser.add_argument('--init_mem_usage', ++ required=True, type=int_parse, ++ help='Total amount of used memory when initializing') + +- parser.add_argument('--tee_pager_bin', \ +- required=True, \ +- help='The input tee_pager.bin') ++ parser.add_argument('--tee_pager_bin', ++ required=True, ++ help='The input tee_pager.bin') + +- parser.add_argument('--tee_pageable_bin', \ +- required=True, \ +- help='The input tee_pageable.bin') ++ parser.add_argument('--tee_pageable_bin', ++ required=True, ++ help='The input tee_pageable.bin') + +- parser.add_argument('--out', \ +- required=False, type=argparse.FileType('wb'), \ +- help='The output tee.bin') ++ parser.add_argument('--out', ++ required=False, type=argparse.FileType('wb'), ++ help='The output tee.bin') + +- parser.add_argument('--out_header_v2', \ +- required=False, type=argparse.FileType('wb'), \ +- help='The output tee_header_v2.bin') ++ parser.add_argument('--out_header_v2', ++ required=False, type=argparse.FileType('wb'), ++ help='The output tee_header_v2.bin') + +- parser.add_argument('--out_pager_v2', \ +- required=False, type=argparse.FileType('wb'), \ +- help='The output tee_pager_v2.bin') ++ parser.add_argument('--out_pager_v2', ++ required=False, type=argparse.FileType('wb'), ++ help='The output tee_pager_v2.bin') + +- parser.add_argument('--out_pageable_v2', \ +- required=False, type=argparse.FileType('wb'), \ +- help='The output tee_pageable_v2.bin') ++ parser.add_argument('--out_pageable_v2', ++ required=False, type=argparse.FileType('wb'), ++ help='The output tee_pageable_v2.bin') ++ ++ return parser.parse_args() + +- return parser.parse_args(); + + def main(): +- args = get_args() +- init_bin_size = args.init_size +- tee_pager_fname = args.tee_pager_bin +- tee_pageable_fname = args.tee_pageable_bin +- pager_input_size = os.path.getsize(tee_pager_fname); +- paged_input_size = os.path.getsize(tee_pageable_fname); +- hash_size = paged_input_size / (4 * 1024) * \ +- hashlib.sha256().digest_size +- +- if paged_input_size % (4 * 1024) != 0: +- print("Error: pageable size not a multiple of 4K:" + \ +- repr(paged_input_size)) +- sys.exit(1) +- +- init_size = pager_input_size + \ +- min(init_bin_size, paged_input_size) + \ +- hash_size +- paged_size = paged_input_size - \ +- min(init_bin_size, paged_input_size) +- +- if args.out is not None: +- outf = args.out +- write_header_v1(outf, init_size, args, paged_size) +- append_to(outf, 0, tee_pager_fname) +- append_to(outf, 0, tee_pageable_fname, init_bin_size) +- append_hashes(outf, tee_pageable_fname) +- append_to(outf, init_bin_size, tee_pageable_fname) +- outf.close() +- +- if args.out_header_v2 is not None: +- outf = args.out_header_v2 +- write_header_v2(outf, init_size, args, paged_size) +- outf.close() +- +- if args.out_pager_v2 is not None: +- outf = args.out_pager_v2 +- append_to(outf, 0, tee_pager_fname) +- append_to(outf, 0, tee_pageable_fname, init_bin_size) +- append_hashes(outf, tee_pageable_fname) +- outf.close() +- +- if args.out_pageable_v2 is not None: +- outf = args.out_pageable_v2 +- append_to(outf, init_bin_size, tee_pageable_fname) +- outf.close() ++ args = get_args() ++ init_bin_size = args.init_size ++ tee_pager_fname = args.tee_pager_bin ++ tee_pageable_fname = args.tee_pageable_bin ++ pager_input_size = os.path.getsize(tee_pager_fname) ++ paged_input_size = os.path.getsize(tee_pageable_fname) ++ hash_size = paged_input_size // (4 * 1024) * \ ++ hashlib.sha256().digest_size ++ ++ if paged_input_size % (4 * 1024) != 0: ++ print("Error: pageable size not a multiple of 4K: {}".format( ++ paged_input_size)) ++ sys.exit(1) ++ ++ init_size = pager_input_size + \ ++ min(init_bin_size, paged_input_size) + \ ++ hash_size ++ paged_size = paged_input_size - \ ++ min(init_bin_size, paged_input_size) ++ ++ if args.out is not None: ++ outf = args.out ++ write_header_v1(outf, init_size, args, paged_size) ++ append_to(outf, 0, tee_pager_fname) ++ append_to(outf, 0, tee_pageable_fname, init_bin_size) ++ append_hashes(outf, tee_pageable_fname) ++ append_to(outf, init_bin_size, tee_pageable_fname) ++ outf.close() ++ ++ if args.out_header_v2 is not None: ++ outf = args.out_header_v2 ++ write_header_v2(outf, init_size, args, paged_size) ++ outf.close() ++ ++ if args.out_pager_v2 is not None: ++ outf = args.out_pager_v2 ++ append_to(outf, 0, tee_pager_fname) ++ append_to(outf, 0, tee_pageable_fname, init_bin_size) ++ append_hashes(outf, tee_pageable_fname) ++ outf.close() ++ ++ if args.out_pageable_v2 is not None: ++ outf = args.out_pageable_v2 ++ append_to(outf, init_bin_size, tee_pageable_fname) ++ outf.close() ++ + + if __name__ == "__main__": +- main() ++ main() +diff --git a/scripts/gen_ld_sects.py b/scripts/gen_ld_sects.py +index c5dc3a7b..2bdbb192 100755 +--- a/scripts/gen_ld_sects.py ++++ b/scripts/gen_ld_sects.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +@@ -8,8 +8,8 @@ import sys + import re + + def usage(): +- print "Usage: {0} <section reg exp match> [<skip section>...]".format( \ +- sys.argv[0]) ++ print("Usage: {0} <section reg exp match> [<skip section>...]".format( \ ++ sys.argv[0])) + sys.exit (1) + + def main(): +@@ -55,7 +55,7 @@ def main(): + if sect_name in skip_sections : + continue + +- print '\t*({0})'.format(sect_name) ++ print ('\t*({0})'.format(sect_name)) + + if __name__ == "__main__": + main() +diff --git a/scripts/pem_to_pub_c.py b/scripts/pem_to_pub_c.py +index 6b8fa365..0b03d62e 100755 +--- a/scripts/pem_to_pub_c.py ++++ b/scripts/pem_to_pub_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2015, Linaro Limited +diff --git a/scripts/sign.py b/scripts/sign.py +index ad47479b..348b40a2 100755 +--- a/scripts/sign.py ++++ b/scripts/sign.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # + # Copyright (c) 2015, 2017, Linaro Limited + # +diff --git a/scripts/symbolize.py b/scripts/symbolize.py +index 1eecf758..0e9bd3ed 100755 +--- a/scripts/symbolize.py ++++ b/scripts/symbolize.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +diff --git a/scripts/ta_bin_to_c.py b/scripts/ta_bin_to_c.py +index cabddbbd..f325fda0 100755 +--- a/scripts/ta_bin_to_c.py ++++ b/scripts/ta_bin_to_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +diff --git a/scripts/tee_bin_parser.py b/scripts/tee_bin_parser.py +index 5f7dd3f0..07da5791 100755 +--- a/scripts/tee_bin_parser.py ++++ b/scripts/tee_bin_parser.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2016, Linaro Limited +-- +2.17.1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-os_3.2.0.imx.bb b/bsp/meta-freescale/recipes-security/optee-imx/optee-os_3.2.0.imx.bb new file mode 100644 index 00000000..d2c82940 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-os_3.2.0.imx.bb @@ -0,0 +1,96 @@ +# Copyright (C) 2017-2018 NXP + +SUMMARY = "OPTEE OS" +DESCRIPTION = "OPTEE OS" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b" + +inherit deploy python3native autotools +DEPENDS = "python3-pycrypto-native u-boot-mkimage-native" + +SRCBRANCH = "lf-5.4.y" +OPTEE_OS_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-os.git;protocol=https" +SRC_URI = "\ + ${OPTEE_OS_SRC};branch=${SRCBRANCH} \ + file://0001-scripts-update-scripts-to-use-python3.patch \ + file://0001-optee-os-fix-gcc10-compilation-issue-and-missing-cc-.patch \ +" + +SRCREV = "6d99b525af752ecdaabdca6098b2564b2665f2b2" + +S = "${WORKDIR}/git" +B = "${WORKDIR}/build.${PLATFORM_FLAVOR}" + +# The platform flavor corresponds to the Yocto machine without the leading 'i'. +PLATFORM_FLAVOR = "${@d.getVar('MACHINE')[1:]}" +PLATFORM_FLAVOR_imx6qpdlsolox = "mx6qsabresd" +PLATFORM_FLAVOR_imx6ul7d = "mx6ulevk" +PLATFORM_FLAVOR_imx6ull14x14evk = "mx6ullevk" +PLATFORM_FLAVOR_imx6ull9x9evk = "mx6ullevk" +PLATFORM_FLAVOR_imx6ulz14x14evk = "mx6ulzevk" +PLATFORM_FLAVOR_mx8mm = "mx8mmevk" +PLATFORM_FLAVOR_mx8mn = "mx8mnevk" +PLATFORM_FLAVOR_mx8qxp = "mx8qxpmek" + +OPTEE_ARCH ?= "arm32" +OPTEE_ARCH_armv7a = "arm32" +OPTEE_ARCH_aarch64 = "arm64" + +# Optee-os can be built for 32 bits and 64 bits at the same time +# as long as the compilers are correctly defined. +# For 64bits, CROSS_COMPILE64 must be set +# When defining CROSS_COMPILE and CROSS_COMPILE64, we assure that +# any 32 or 64 bits builds will pass +EXTRA_OEMAKE = "PLATFORM=imx PLATFORM_FLAVOR=${PLATFORM_FLAVOR} \ + CROSS_COMPILE=${HOST_PREFIX} \ + CROSS_COMPILE64=${HOST_PREFIX} \ + NOWERROR=1 \ + LDFLAGS= \ + O=${B} \ + " + + +do_compile () { + unset LDFLAGS + export CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_HOST}" + oe_runmake -C ${S} all CFG_TEE_TA_LOG_LEVEL=0 +} + + +do_deploy () { + install -d ${DEPLOYDIR} + ${TARGET_PREFIX}objcopy -O binary ${B}/core/tee.elf ${DEPLOYDIR}/tee.${PLATFORM_FLAVOR}.bin + + if [ "${OPTEE_ARCH}" != "arm64" ]; then + IMX_LOAD_ADDR=`cat ${B}/core/tee-init_load_addr.txt` && \ + uboot-mkimage -A arm -O linux -C none -a ${IMX_LOAD_ADDR} -e ${IMX_LOAD_ADDR} \ + -d ${DEPLOYDIR}/tee.${PLATFORM_FLAVOR}.bin ${DEPLOYDIR}/uTee-${OPTEE_BIN_EXT} + fi + + cd ${DEPLOYDIR} + ln -sf tee.${PLATFORM_FLAVOR}.bin tee.bin + cd - +} + +do_install () { + install -d ${D}${nonarch_base_libdir}/firmware/ + install -m 644 ${B}/core/*.bin ${D}${nonarch_base_libdir}/firmware/ + + # Install the TA devkit + install -d ${D}/usr/include/optee/export-user_ta_${OPTEE_ARCH}/ + + for f in ${B}/export-ta_${OPTEE_ARCH}/*; do + cp -aR $f ${D}/usr/include/optee/export-user_ta_${OPTEE_ARCH}/ + done +} + +addtask deploy after do_compile before do_install + + +FILES_${PN} = "${nonarch_base_libdir}/firmware/" +FILES_${PN}-staticdev = "/usr/include/optee/" +RDEPENDS_${PN}-dev += "${PN}-staticdev" + +PACKAGE_ARCH = "${MACHINE_ARCH}" +COMPATIBLE_MACHINE = "(imx)" diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0001-use-python3-instead-of-python.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0001-use-python3-instead-of-python.patch new file mode 100644 index 00000000..20f190af --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0001-use-python3-instead-of-python.patch @@ -0,0 +1,48 @@ +From 6271160639002a2580d80b75b5397a96d56329f2 Mon Sep 17 00:00:00 2001 +From: Scott Branden <scott.branden@broadcom.com> +Date: Fri, 27 Dec 2019 12:54:28 -0800 +Subject: [PATCH] use python3 instead of python + +use python3 instead of python as python2 is EOL January 2020. + +Signed-off-by: Scott Branden <scott.branden@broadcom.com> +Reviewed-by: Jerome Forissier <jerome@forissier.org> +Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU, CFG_GCM_NIST_VECTORS=y) +Upstream-Status: Backport from v3.8.0 +--- + scripts/file_to_c.py | 4 ++-- + scripts/rsp_to_gcm_test.py | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/scripts/file_to_c.py b/scripts/file_to_c.py +index ae16f52..b4ce2a2 100755 +--- a/scripts/file_to_c.py ++++ b/scripts/file_to_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2018, Linaro Limited +@@ -29,7 +29,7 @@ def main(): + + f.write("const uint8_t " + args.name + "[] = {\n") + i = 0 +- for x in array.array("B", inf.read()): ++ for x in array.array("B", map(ord, (inf.read()))): + f.write("0x" + '{0:02x}'.format(x) + ",") + i = i + 1 + if i % 8 == 0: +diff --git a/scripts/rsp_to_gcm_test.py b/scripts/rsp_to_gcm_test.py +index 0543541..e4418be 100755 +--- a/scripts/rsp_to_gcm_test.py ++++ b/scripts/rsp_to_gcm_test.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + modes = {'encrypt': 0, 'decrypt': 1} + +-- +2.7.4 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0003-sock_server-fix-compilation-against-musl-sys-errno.h.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0003-sock_server-fix-compilation-against-musl-sys-errno.h.patch new file mode 100644 index 00000000..d32a8eb7 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0003-sock_server-fix-compilation-against-musl-sys-errno.h.patch @@ -0,0 +1,41 @@ +From dc8cd1c43edeedb9f7335020537c4ffdddd683f8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <andre.draszik@jci.com> +Date: Thu, 7 Feb 2019 01:26:53 +0000 +Subject: [PATCH 1/3] sock_server: fix compilation against musl (sys/errno.h) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Compiling against musl-libc fails with the following error: + +| In file included from .../host/xtest/sock_server.c:24: +| .../usr/include/sys/errno.h:1:2: error: #warning redirecting incorrect #include <sys/errno.h> to <errno.h> [-Werror=cpp] +| #warning redirecting incorrect #include <sys/errno.h> to <errno.h> +| ^~~~~~~ + +Just remove the needless include. + +Signed-off-by: André Draszik <andre.draszik@jci.com> +Acked-by: Jens Wiklander <jens.wiklander@linaro.org> +Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> +--- +Signed-off-by: André Draszik <andre.draszik@jci.com> +Upstream-Status: Backport [3.5.0] + host/xtest/sock_server.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/host/xtest/sock_server.c b/host/xtest/sock_server.c +index 0d2ff06..1ba73d6 100644 +--- a/host/xtest/sock_server.c ++++ b/host/xtest/sock_server.c +@@ -21,7 +21,6 @@ + #include <netdb.h> + #include <netinet/in.h> + #include <poll.h> +-#include <sys/errno.h> + #include <sys/socket.h> + #include <unistd.h> + +-- +2.23.0.rc1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0004-build-ignore-declaration-after-statement-warnings.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0004-build-ignore-declaration-after-statement-warnings.patch new file mode 100644 index 00000000..ed45df60 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0004-build-ignore-declaration-after-statement-warnings.patch @@ -0,0 +1,62 @@ +From 1401b89684ee81bf0b3d3dea06e2926b24ba3f97 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <andre.draszik@jci.com> +Date: Thu, 7 Feb 2019 01:29:08 +0000 +Subject: [PATCH 2/3] build: ignore declaration-after-statement warnings +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +| Makefile:37: recipe for target 'xtest' failed +| make: *** [xtest] Error 2 +| make: *** Waiting for unfinished jobs.... +| arith_taf.c: In function 'get_handle': +| arith_taf.c:56:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| int h = handle_get(&hdb, ptr); +| ^~~ +| arith_taf.c: In function 'ta_entry_arith_new_var': +| arith_taf.c:82:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| size_t len = TEE_BigIntSizeInU32(params[0].value.a); +| ^~~~~~ +| arith_taf.c: In function 'ta_entry_arith_new_fmm_var': +| arith_taf.c:129:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| size_t len = TEE_BigIntFMMSizeInU32(params[0].value.a); +| ^~~~~~ +| arith_taf.c: In function 'ta_entry_arith_free_handle': +| arith_taf.c:150:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| void *ptr = put_handle(params[0].value.a & ~HT_MASK); +| ^~~~ +| arith_taf.c: In function 'ta_entry_arith_from_octet_string': +| arith_taf.c:165:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| TEE_BigInt *big_int = lookup_handle(HT_BIGINT, params[0].value.a); +| ^~~~~~~~~~ +| arith_taf.c: In function 'ta_entry_arith_from_s32': +| arith_taf.c:181:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] +| TEE_BigInt *big_int = lookup_handle(HT_BIGINT, params[0].value.a); +| ^~~~~~~~~~ + +etc. + +Signed-off-by: André Draszik <andre.draszik@jci.com> +Acked-by: Jens Wiklander <jens.wiklander@linaro.org> +Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> +--- +Signed-off-by: André Draszik <andre.draszik@jci.com> +Upstream-Status: Backport [3.5.0] + host/xtest/Makefile | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/host/xtest/Makefile b/host/xtest/Makefile +index f4291e0..e97e555 100644 +--- a/host/xtest/Makefile ++++ b/host/xtest/Makefile +@@ -154,6 +154,7 @@ CFLAGS += -Wall -Wcast-align -Werror \ + -Wmissing-prototypes -Wnested-externs -Wpointer-arith \ + -Wshadow -Wstrict-prototypes -Wswitch-default \ + -Wwrite-strings \ ++ -Wno-declaration-after-statement \ + -Wno-missing-field-initializers -Wno-format-zero-length + endif + +-- +2.23.0.rc1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0005-benchmark_1000-fix-compilation-against-musl-uint.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0005-benchmark_1000-fix-compilation-against-musl-uint.patch new file mode 100644 index 00000000..58734aa4 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0005-benchmark_1000-fix-compilation-against-musl-uint.patch @@ -0,0 +1,57 @@ +From f74e9f339a8e8cb97fc8ea03bef51d7e3862a60a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <andre.draszik@jci.com> +Date: Thu, 7 Feb 2019 01:31:27 +0000 +Subject: [PATCH 3/3] benchmark_1000: fix compilation against musl (uint) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Compiling against musl-libc fails with the following error: + +| .../host/xtest/benchmark_1000.c: In function 'show_test_result': +| .../host/xtest/benchmark_1000.c:102:2: error: unknown type name 'uint'; did you mean 'int'? +| uint i; +| ^~~~ +| int +| ...host/xtest/benchmark_1000.c:108:16: error: comparison of integer expressions of different signedness: 'int' and 'size_t' {aka 'unsigned int'} [-Werror=sign-compare] +| for (i = 0; i < size; i++) { +| ^ + +etc. + +Convert to using more standard size_t + +Signed-off-by: André Draszik <andre.draszik@jci.com> +Acked-by: Jens Wiklander <jens.wiklander@linaro.org> +Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> +--- +Signed-off-by: André Draszik <andre.draszik@jci.com> +Upstream-Status: Backport [3.5.0] + host/xtest/benchmark_1000.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/host/xtest/benchmark_1000.c b/host/xtest/benchmark_1000.c +index bf92fa0..1caf420 100644 +--- a/host/xtest/benchmark_1000.c ++++ b/host/xtest/benchmark_1000.c +@@ -99,7 +99,7 @@ static TEEC_Result run_chunk_access_test(enum storage_benchmark_cmd cmd, + + static void show_test_result(struct test_record records[], size_t size) + { +- uint i; ++ size_t i; + + printf("-----------------+---------------+----------------\n"); + printf(" Data Size (B) \t | Time (s)\t | Speed (kB/s)\t \n"); +@@ -119,7 +119,7 @@ static void chunk_test(ADBG_Case_t *c, enum storage_benchmark_cmd cmd) + { + uint32_t chunk_size = DEFAULT_CHUNK_SIZE; + struct test_record records[ARRAY_SIZE(data_size_table) - 1]; +- uint i; ++ size_t i; + + for (i = 0; data_size_table[i]; i++) { + ADBG_EXPECT_TEEC_SUCCESS(c, +-- +2.23.0.rc1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0006-regression_8100-use-null-terminated-strings-with-fil.patch b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0006-regression_8100-use-null-terminated-strings-with-fil.patch new file mode 100644 index 00000000..1a5c4044 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test/0006-regression_8100-use-null-terminated-strings-with-fil.patch @@ -0,0 +1,88 @@ +From 7d566ed585d1e13f444d48fde5705b5be54de4af Mon Sep 17 00:00:00 2001 +From: Ricardo Salveti <ricardo@foundries.io> +Date: Wed, 26 Jun 2019 17:32:11 -0300 +Subject: [PATCH] regression_8100: use null terminated strings with file_to_c + +GCC 9 is more strict with string manipulation, causing the build to +fail as the string data converted via file_to_c is not null terminated, +as described by the following build error: + +regression_8100.c:100:29: error: '%*s' directive argument is not a +nul-terminated string [-Werror=format-overflow=] +tlen = myasprintf(&trust, "%*s", (int)sizeof(regression_8100_ca_crt), + ^~~ + regression_8100_ca_crt); + ~~~~~~~~~~~~~~~~~~~~~~ + +Change file_to_c to terminate the string after conversion and update the +string size to remove the null terminated byte. Also update +regression_8100 to use the size variable defined via file_to_c instead +of manually calling sizeof. + +Signed-off-by: Ricardo Salveti <ricardo@foundries.io> +Acked-by: Jens Wiklander <jens.wiklander@linaro.org> +--- +Signed-off-by: André Draszik <andre.draszik@jci.com> +Upstream-Status: Backport [3.6.0] + host/xtest/regression_8100.c | 10 +++++----- + scripts/file_to_c.py | 4 ++-- + 2 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/host/xtest/regression_8100.c b/host/xtest/regression_8100.c +index 04d62d9..13780e1 100644 +--- a/host/xtest/regression_8100.c ++++ b/host/xtest/regression_8100.c +@@ -91,13 +91,13 @@ static void test_8102(ADBG_Case_t *c) + return; + + clen = myasprintf(&chain, "%*s\n%*s", +- (int)sizeof(regression_8100_my_crt), ++ (int)regression_8100_my_crt_size, + regression_8100_my_crt, +- (int)sizeof(regression_8100_mid_crt), ++ (int)regression_8100_mid_crt_size, + regression_8100_mid_crt); + if (!ADBG_EXPECT_COMPARE_SIGNED(c, clen, !=, -1)) + goto out; +- tlen = myasprintf(&trust, "%*s", (int)sizeof(regression_8100_ca_crt), ++ tlen = myasprintf(&trust, "%*s", (int)regression_8100_ca_crt_size, + regression_8100_ca_crt); + if (!ADBG_EXPECT_COMPARE_SIGNED(c, tlen, !=, -1)) + goto out; +@@ -282,7 +282,7 @@ static void test_8103(ADBG_Case_t *c) + NULL, &ret_orig))) + return; + +- clen = myasprintf(&csr, "%*s", (int)sizeof(regression_8100_my_csr), ++ clen = myasprintf(&csr, "%*s", (int)regression_8100_my_csr_size, + regression_8100_my_csr); + if (!ADBG_EXPECT_COMPARE_SIGNED(c, clen, >=, 0)) + goto out; +@@ -300,7 +300,7 @@ static void test_8103(ADBG_Case_t *c) + if (!ADBG_EXPECT_TEEC_SUCCESS(c, res)) + goto out; + +- myasprintf(&ca, "%*s", (int)sizeof(regression_8100_ca_crt), ++ myasprintf(&ca, "%*s", (int)regression_8100_ca_crt_size, + regression_8100_ca_crt); + if (!ADBG_EXPECT_NOT_NULL(c, ca)) + goto out; +diff --git a/scripts/file_to_c.py b/scripts/file_to_c.py +index 83a9832..ae16f52 100755 +--- a/scripts/file_to_c.py ++++ b/scripts/file_to_c.py +@@ -37,9 +37,9 @@ def main(): + else: + f.write(" ") + +- f.write("};\n") ++ f.write("'\\0'};\n") + f.write("const size_t " + args.name + "_size = sizeof(" + +- args.name + ");\n") ++ args.name + ") - 1;\n") + + f.close() + inf.close() +-- +2.23.0.rc1 + diff --git a/bsp/meta-freescale/recipes-security/optee-imx/optee-test_3.2.0.imx.bb b/bsp/meta-freescale/recipes-security/optee-imx/optee-test_3.2.0.imx.bb new file mode 100644 index 00000000..c78f9816 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee-imx/optee-test_3.2.0.imx.bb @@ -0,0 +1,58 @@ +# Copyright (C) 2017-2018 NXP + +SUMMARY = "OPTEE test" +HOMEPAGE = "http://www.optee.org/" + +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE.md;md5=daa2bcccc666345ab8940aab1315a4fa" + +DEPENDS = "optee-os optee-client python3-pycrypto-native openssl" +inherit python3native + +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" + +SRCBRANCH = "lf-5.4.y" +OPTEE_TEST_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-test.git;protocol=https" + +SRC_URI = "${OPTEE_TEST_SRC};branch=${SRCBRANCH} \ + file://0003-sock_server-fix-compilation-against-musl-sys-errno.h.patch \ + file://0004-build-ignore-declaration-after-statement-warnings.patch \ + file://0005-benchmark_1000-fix-compilation-against-musl-uint.patch \ + file://0006-regression_8100-use-null-terminated-strings-with-fil.patch \ + file://0001-use-python3-instead-of-python.patch \ +" + +S = "${WORKDIR}/git" + +SRCREV = "b7114b828b82f2c0eec124ed424eff1230cc5319" + +OPTEE_ARCH ?= "arm32" +OPTEE_ARCH_armv7a = "arm32" +OPTEE_ARCH_aarch64 = "arm64" + +do_compile () { + export TA_DEV_KIT_DIR=${STAGING_INCDIR}/optee/export-user_ta_${OPTEE_ARCH}/ + export ARCH=${OPTEE_ARCH} + + export OPTEE_CLIENT_EXPORT=${STAGING_DIR_HOST}/usr + export CROSS_COMPILE_HOST=${HOST_PREFIX} + export CROSS_COMPILE_TA=${HOST_PREFIX} + export CROSS_COMPILE=${HOST_PREFIX} + export OPTEE_OPENSSL_EXPORT=${STAGING_INCDIR}/ + oe_runmake V=1 --warn-undefined-variables +} + +do_install () { + install -d ${D}/usr/bin + install ${S}/out/xtest/xtest ${D}/usr/bin/ + + install -d ${D}/lib/optee_armtz + find ${S}/out/ta -name '*.ta' | while read name; do + install -m 444 $name ${D}/lib/optee_armtz/ + done + +} + +FILES_${PN} = "/usr/bin/ /lib*/optee_armtz/" + +COMPATIBLE_MACHINE = "(mx6|mx7|mx8)" diff --git a/bsp/meta-freescale/recipes-security/optee/optee-client-qoriq.bb b/bsp/meta-freescale/recipes-security/optee/optee-client-qoriq.bb index 6aaf714c..af5fc095 100644 --- a/bsp/meta-freescale/recipes-security/optee/optee-client-qoriq.bb +++ b/bsp/meta-freescale/recipes-security/optee/optee-client-qoriq.bb @@ -4,15 +4,13 @@ HOMEPAGE = "https://github.com/qoriq-open-source/optee_client" LICENSE = "BSD" LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=69663ab153298557a59c67a60a743e5b" -inherit pythonnative systemd +inherit python3native systemd SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_client;nobranch=1 \ - file://0001-GCC-8-format-truncation-error.patch \ - file://0001-flags-CFLAGS-add-Wno-cpp.patch \ " S = "${WORKDIR}/git" -SRCREV = "ab3c79ccd3ea9323e236d30037977c0a19944dbd" +SRCREV = "08428734c67fb559e420d87fa52fd74a955ea1bd" EXTRA_OEMAKE = "ARCH=arm64" diff --git a/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-Fix-alignment-of-data-for-mempool_alloc_pool.patch b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-Fix-alignment-of-data-for-mempool_alloc_pool.patch new file mode 100644 index 00000000..e22bd6c0 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-Fix-alignment-of-data-for-mempool_alloc_pool.patch @@ -0,0 +1,148 @@ +From b2dd8747125be413f9b8b7fd7e52f457cabd709c Mon Sep 17 00:00:00 2001 +From: Jens Wiklander <jens.wiklander@linaro.org> +Date: Tue, 5 Feb 2019 13:05:29 +0100 +Subject: [PATCH] Fix alignment of data for mempool_alloc_pool() + +Upstream-Status: Submitted + +Prior to this patch was _TEE_MathAPI_Init() in +lib/libutee/tee_api_arith_mpi.c supplying a data buffer which was only 4 +byte aligned while mempool_alloc_pool() requires the alignment of long. +This will work in 32-bit mode, but could lead to alignment problem in +64-bit mode. The same problem can happen with +lib/libutee/tee_api_arith_mpa.c, but so far it has remained hidden. + +Incorrect alignment can result in errors like: +E/TA: assertion '!((vaddr_t)data & (POOL_ALIGN - 1))' failed at lib/libutils/ext/mempool.c:134 in mempool_alloc_pool() + +This fix introduces MEMPOOL_ALIGN which specifies required alignment of +data supplied to mempool_alloc_pool(). + +Fixes: 062e3d01c039 ("ta: switch to to mbedtls for bignum") +Reviewed-by: Joakim Bech <joakim.bech@linaro.org> +Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU v8) +Acked-by: Jerome Forissier <jerome.forissier@linaro.org> +Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> +--- + core/lib/libtomcrypt/src/mpa_desc.c | 2 +- + core/lib/libtomcrypt/src/mpi_desc.c | 2 +- + lib/libutee/tee_api_arith_mpa.c | 3 ++- + lib/libutee/tee_api_arith_mpi.c | 3 +-- + lib/libutils/ext/include/mempool.h | 5 ++++- + lib/libutils/ext/mempool.c | 9 ++++----- + 6 files changed, 13 insertions(+), 11 deletions(-) + +diff --git a/core/lib/libtomcrypt/src/mpa_desc.c b/core/lib/libtomcrypt/src/mpa_desc.c +index b407f54..58aa242 100644 +--- a/core/lib/libtomcrypt/src/mpa_desc.c ++++ b/core/lib/libtomcrypt/src/mpa_desc.c +@@ -40,7 +40,7 @@ static struct mempool *get_mpa_scratch_memory_pool(void) + #else /* CFG_WITH_PAGER */ + static struct mempool *get_mpa_scratch_memory_pool(void) + { +- static uint32_t data[LTC_MEMPOOL_U32_SIZE] __aligned(__alignof__(long)); ++ static uint32_t data[LTC_MEMPOOL_U32_SIZE] __aligned(MEMPOOL_ALIGN); + + return mempool_alloc_pool(data, sizeof(data), NULL); + } +diff --git a/core/lib/libtomcrypt/src/mpi_desc.c b/core/lib/libtomcrypt/src/mpi_desc.c +index a43fbb4..67bc3a7 100644 +--- a/core/lib/libtomcrypt/src/mpi_desc.c ++++ b/core/lib/libtomcrypt/src/mpi_desc.c +@@ -38,7 +38,7 @@ static struct mempool *get_mp_scratch_memory_pool(void) + #else /* CFG_WITH_PAGER */ + static struct mempool *get_mp_scratch_memory_pool(void) + { +- static uint8_t data[MPI_MEMPOOL_SIZE] __aligned(__alignof__(long)); ++ static uint8_t data[MPI_MEMPOOL_SIZE] __aligned(MEMPOOL_ALIGN); + + return mempool_alloc_pool(data, sizeof(data), NULL); + } +diff --git a/lib/libutee/tee_api_arith_mpa.c b/lib/libutee/tee_api_arith_mpa.c +index 0f6c7f1..a8ca6aa 100644 +--- a/lib/libutee/tee_api_arith_mpa.c ++++ b/lib/libutee/tee_api_arith_mpa.c +@@ -19,7 +19,8 @@ + + static uint32_t mempool_u32[mpa_scratch_mem_size_in_U32( + MPA_INTERNAL_MEM_POOL_SIZE, +- CFG_TA_BIGNUM_MAX_BITS)]; ++ CFG_TA_BIGNUM_MAX_BITS)] ++ __aligned(MEMPOOL_ALIGN); + static mpa_scratch_mem mempool; + + /************************************************************* +diff --git a/lib/libutee/tee_api_arith_mpi.c b/lib/libutee/tee_api_arith_mpi.c +index 8e2751b..6b074e1 100644 +--- a/lib/libutee/tee_api_arith_mpi.c ++++ b/lib/libutee/tee_api_arith_mpi.c +@@ -42,8 +42,7 @@ static void __noreturn mpi_panic(const char *func, int line, int rc) + + void _TEE_MathAPI_Init(void) + { +- static uint8_t data[MPI_MEMPOOL_SIZE] +- __aligned(__alignof__(mbedtls_mpi_uint)); ++ static uint8_t data[MPI_MEMPOOL_SIZE] __aligned(MEMPOOL_ALIGN); + + mbedtls_mpi_mempool = mempool_alloc_pool(data, sizeof(data), NULL); + if (!mbedtls_mpi_mempool) +diff --git a/lib/libutils/ext/include/mempool.h b/lib/libutils/ext/include/mempool.h +index 62377df..2a60800 100644 +--- a/lib/libutils/ext/include/mempool.h ++++ b/lib/libutils/ext/include/mempool.h +@@ -19,9 +19,12 @@ struct mempool_item { + + struct mempool; + ++#define MEMPOOL_ALIGN __alignof__(long) ++ + /* + * mempool_alloc_pool() - Allocate a new memory pool +- * @data: a block of memory to carve out items from ++ * @data: a block of memory to carve out items from, must ++ * have an alignment of MEMPOOL_ALIGN. + * @size: size fo the block of memory + * @release_mem: function to call when the pool has been emptied, + * ignored if NULL. +diff --git a/lib/libutils/ext/mempool.c b/lib/libutils/ext/mempool.c +index f977699..6d38590 100644 +--- a/lib/libutils/ext/mempool.c ++++ b/lib/libutils/ext/mempool.c +@@ -53,7 +53,6 @@ + * So the potential fragmentation is mitigated. + */ + +-#define POOL_ALIGN __alignof__(long) + + struct mempool { + size_t size; /* size of the memory pool, in bytes */ +@@ -130,8 +129,8 @@ mempool_alloc_pool(void *data, size_t size, + { + struct mempool *pool = calloc(1, sizeof(*pool)); + +- COMPILE_TIME_ASSERT(POOL_ALIGN >= __alignof__(struct mempool_item)); +- assert(!((vaddr_t)data & (POOL_ALIGN - 1))); ++ COMPILE_TIME_ASSERT(MEMPOOL_ALIGN >= __alignof__(struct mempool_item)); ++ assert(!((vaddr_t)data & (MEMPOOL_ALIGN - 1))); + + if (pool) { + pool->size = size; +@@ -163,13 +162,13 @@ void *mempool_alloc(struct mempool *pool, size_t size) + pool->last_offset); + offset = pool->last_offset + last_item->size; + +- offset = ROUNDUP(offset, POOL_ALIGN); ++ offset = ROUNDUP(offset, MEMPOOL_ALIGN); + if (offset > pool->size) + goto error; + } + + size = sizeof(struct mempool_item) + size; +- size = ROUNDUP(size, POOL_ALIGN); ++ size = ROUNDUP(size, MEMPOOL_ALIGN); + if (offset + size > pool->size) + goto error; + +-- +2.7.4 + diff --git a/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-use-python3-instead-of-python.patch b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-use-python3-instead-of-python.patch new file mode 100644 index 00000000..6ecc6152 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq/0001-use-python3-instead-of-python.patch @@ -0,0 +1,80 @@ +diff --git a/scripts/arm32_sysreg.py b/scripts/arm32_sysreg.py +index bd0c619e..530b0f44 100755 +--- a/scripts/arm32_sysreg.py ++++ b/scripts/arm32_sysreg.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2018, Linaro Limited +diff --git a/scripts/gen_hashed_bin.py b/scripts/gen_hashed_bin.py +index 67b2b049..619cf26e 100755 +--- a/scripts/gen_hashed_bin.py ++++ b/scripts/gen_hashed_bin.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2014-2017, Linaro Limited +diff --git a/scripts/gen_ld_sects.py b/scripts/gen_ld_sects.py +index 43e812b5..bc82dd8b 100755 +--- a/scripts/gen_ld_sects.py ++++ b/scripts/gen_ld_sects.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +diff --git a/scripts/pem_to_pub_c.py b/scripts/pem_to_pub_c.py +index ddc17c18..69a4355c 100755 +--- a/scripts/pem_to_pub_c.py ++++ b/scripts/pem_to_pub_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2015, Linaro Limited +diff --git a/scripts/sign.py b/scripts/sign.py +index 84fd7714..f6e6b667 100755 +--- a/scripts/sign.py ++++ b/scripts/sign.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # + # Copyright (c) 2015, 2017, Linaro Limited + # +diff --git a/scripts/symbolize.py b/scripts/symbolize.py +index 99a48c70..cbd9884a 100755 +--- a/scripts/symbolize.py ++++ b/scripts/symbolize.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +diff --git a/scripts/ta_bin_to_c.py b/scripts/ta_bin_to_c.py +index 1496f816..a01e7f9b 100755 +--- a/scripts/ta_bin_to_c.py ++++ b/scripts/ta_bin_to_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2017, Linaro Limited +diff --git a/scripts/tee_bin_parser.py b/scripts/tee_bin_parser.py +index 8356ad5d..4409074b 100755 +--- a/scripts/tee_bin_parser.py ++++ b/scripts/tee_bin_parser.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2016, Linaro Limited diff --git a/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq_git.bb b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq_git.bb index c8ebe2bf..6ffe8298 100644 --- a/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq_git.bb +++ b/bsp/meta-freescale/recipes-security/optee/optee-os-qoriq_git.bb @@ -4,17 +4,21 @@ DESCRIPTION = "OPTEE OS" LICENSE = "BSD" LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=69663ab153298557a59c67a60a743e5b" -DEPENDS = "python-pycrypto-native" +DEPENDS = "python3-pycrypto-native" -inherit deploy pythonnative +inherit deploy python3native -SRCREV = "e93f053213c574ec1b97f9e56b2f31692cd3723c" +SRCREV = "4e8d2e5307b99a91a0cac3ea3560ecb7d62898d6" SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_os;nobranch=1 \ file://0001-allow-setting-sysroot-for-libgcc-lookup.patch \ + file://0001-Fix-alignment-of-data-for-mempool_alloc_pool.patch \ + file://0001-use-python3-instead-of-python.patch \ " S = "${WORKDIR}/git" OPTEEMACHINE ?= "${MACHINE}" +OPTEEMACHINE_ls1088ardb-pb = "ls1088ardb" +OPTEEMACHINE_ls1046afrwy = "ls1046ardb" EXTRA_OEMAKE = "PLATFORM=ls-${OPTEEMACHINE} CFG_ARM64_core=y \ ARCH=arm \ diff --git a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-8.patch b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-8.patch deleted file mode 100644 index bad7c5e0..00000000 --- a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-8.patch +++ /dev/null @@ -1,40 +0,0 @@ -From d877fddcef79e856193b9b0a3a3089c22151047f Mon Sep 17 00:00:00 2001 -From: Chunrong Guo <chunrong.guo@nxp.com> -Date: Fri, 29 Jun 2018 15:49:34 +0800 -Subject: [PATCH] fix build failure with GCC 8 - -Signed-off-by: BJ DevOps Team <bjdevops@NXP1.onmicrosoft.com> ---- - host/xtest/Makefile | 2 ++ - host/xtest/adbg/src/adbg_run.c | 2 +- - 2 files changed, 3 insertions(+), 1 deletion(-) - -diff --git a/host/xtest/Makefile b/host/xtest/Makefile -index 832cba2..d95899d 100644 ---- a/host/xtest/Makefile -+++ b/host/xtest/Makefile -@@ -139,6 +139,8 @@ CFLAGS += -Wall -Wcast-align -Werror \ - -Wmissing-prototypes -Wnested-externs -Wpointer-arith \ - -Wshadow -Wstrict-prototypes -Wswitch-default \ - -Wwrite-strings \ -+ -Wno-stringop-overflow \ -+ -Wno-array-bounds \ - -Wno-missing-field-initializers -Wno-format-zero-length - endif - -diff --git a/host/xtest/adbg/src/adbg_run.c b/host/xtest/adbg/src/adbg_run.c -index 406e429..3b57bbb 100644 ---- a/host/xtest/adbg/src/adbg_run.c -+++ b/host/xtest/adbg/src/adbg_run.c -@@ -100,7 +100,7 @@ int Do_ADBG_AppendToSuite( - snprintf(p, size, "%s+%s", Dest_p->SuiteID_p, - Source_p->SuiteID_p); - else -- strncpy(p, Source_p->SuiteID_p, size); -+ memcpy(p, Source_p->SuiteID_p, size); - free((void *)Dest_p->SuiteID_p); - Dest_p->SuiteID_p = p; - --- -1.8.3.1 - diff --git a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-9.patch b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-9.patch new file mode 100644 index 00000000..9b912777 --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-fix-build-failure-with-GCC-9.patch @@ -0,0 +1,28 @@ +From 79330c8383e02e91a355964a3cc7b932d03c2517 Mon Sep 17 00:00:00 2001 +From: Chunrong Guo <chunrong.guo@nxp.com> +Date: Wed, 10 Jul 2019 11:09:01 +0200 +Subject: [PATCH] fix build failure with GCC 9 + +Upstream-Status: Inappropriate [embedded specific] + +Signed-off-by: C.r. Guo <nxa13725@lsv07004.swis.us-cdc01.nxp.com> +--- + host/xtest/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/host/xtest/Makefile b/host/xtest/Makefile +index e4e2881..e86e056 100644 +--- a/host/xtest/Makefile ++++ b/host/xtest/Makefile +@@ -152,7 +152,7 @@ CFLAGS += -Wall -Wcast-align -Werror \ + -Wmissing-include-dirs -Wmissing-noreturn \ + -Wmissing-prototypes -Wnested-externs -Wpointer-arith \ + -Wshadow -Wstrict-prototypes -Wswitch-default \ +- -Wwrite-strings \ ++ -Wwrite-strings -Wno-format-overflow \ + -Wno-missing-field-initializers -Wno-format-zero-length + endif + +-- +2.7.4 + diff --git a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-use-python3-instead-of-python.patch b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-use-python3-instead-of-python.patch new file mode 100644 index 00000000..20f190af --- /dev/null +++ b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq/0001-use-python3-instead-of-python.patch @@ -0,0 +1,48 @@ +From 6271160639002a2580d80b75b5397a96d56329f2 Mon Sep 17 00:00:00 2001 +From: Scott Branden <scott.branden@broadcom.com> +Date: Fri, 27 Dec 2019 12:54:28 -0800 +Subject: [PATCH] use python3 instead of python + +use python3 instead of python as python2 is EOL January 2020. + +Signed-off-by: Scott Branden <scott.branden@broadcom.com> +Reviewed-by: Jerome Forissier <jerome@forissier.org> +Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU, CFG_GCM_NIST_VECTORS=y) +Upstream-Status: Backport from v3.8.0 +--- + scripts/file_to_c.py | 4 ++-- + scripts/rsp_to_gcm_test.py | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/scripts/file_to_c.py b/scripts/file_to_c.py +index ae16f52..b4ce2a2 100755 +--- a/scripts/file_to_c.py ++++ b/scripts/file_to_c.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # SPDX-License-Identifier: BSD-2-Clause + # + # Copyright (c) 2018, Linaro Limited +@@ -29,7 +29,7 @@ def main(): + + f.write("const uint8_t " + args.name + "[] = {\n") + i = 0 +- for x in array.array("B", inf.read()): ++ for x in array.array("B", map(ord, (inf.read()))): + f.write("0x" + '{0:02x}'.format(x) + ",") + i = i + 1 + if i % 8 == 0: +diff --git a/scripts/rsp_to_gcm_test.py b/scripts/rsp_to_gcm_test.py +index 0543541..e4418be 100755 +--- a/scripts/rsp_to_gcm_test.py ++++ b/scripts/rsp_to_gcm_test.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + modes = {'encrypt': 0, 'decrypt': 1} + +-- +2.7.4 + diff --git a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq_git.bb b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq_git.bb index a9aaffc7..b66725c7 100644 --- a/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq_git.bb +++ b/bsp/meta-freescale/recipes-security/optee/optee-test-qoriq_git.bb @@ -4,16 +4,17 @@ HOMEPAGE = "https://github.com/qoriq-open-source/optee_test" LICENSE = "BSD & GPLv2" LIC_FILES_CHKSUM = "file://${S}/LICENSE.md;md5=daa2bcccc666345ab8940aab1315a4fa" -DEPENDS = "optee-client-qoriq optee-os-qoriq python-pycrypto-native" +DEPENDS = "optee-client-qoriq optee-os-qoriq python3-pycrypto-native" -inherit pythonnative +inherit python3native SRC_URI = "git://source.codeaurora.org/external/qoriq/qoriq-components/optee_test;nobranch=1 \ - file://0001-fix-build-failure-with-GCC-8.patch \ + file://0001-fix-build-failure-with-GCC-9.patch \ + file://0001-use-python3-instead-of-python.patch \ " S = "${WORKDIR}/git" -SRCREV = "83c87d9b368c33545688c7aad27432ff9a22868f" +SRCREV = "669058459e4a544be12f37dab103ee4c2b32e31d" OPTEE_CLIENT_EXPORT = "${STAGING_DIR_HOST}${prefix}" TEEC_EXPORT = "${STAGING_DIR_HOST}${prefix}" |