From 5b80bfd7bffd4c20d80b7c70a7130529e9a755dd Mon Sep 17 00:00:00 2001 From: ToshikazuOhiwa Date: Mon, 30 Mar 2020 09:24:26 +0900 Subject: agl-basesystem --- ...c_trace.c-snprintf-Werror-format-truncati.patch | 28 +++ ...ant-use-MMC_IOC_MULTI_CMD-for-RPMB-access.patch | 208 +++++++++++++++++++++ .../recipes-bsp/optee/optee-client/optee.service | 9 + .../recipes-bsp/optee/optee-client_git.bb | 63 +++++++ .../0001-core-define-syscall_t-as-void-void.patch | 75 ++++++++ .../recipes-bsp/optee/optee-os_git.bb | 65 +++++++ 6 files changed, 448 insertions(+) create mode 100644 bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/0001-Fix-for-teec_trace.c-snprintf-Werror-format-truncati.patch create mode 100644 bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/0001-tee-supplicant-use-MMC_IOC_MULTI_CMD-for-RPMB-access.patch create mode 100644 bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/optee.service create mode 100644 bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client_git.bb create mode 100644 bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-core-define-syscall_t-as-void-void.patch create mode 100644 bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb (limited to 'bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee') diff --git a/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/0001-Fix-for-teec_trace.c-snprintf-Werror-format-truncati.patch b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/0001-Fix-for-teec_trace.c-snprintf-Werror-format-truncati.patch new file mode 100644 index 00000000..db8bdace --- /dev/null +++ b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/0001-Fix-for-teec_trace.c-snprintf-Werror-format-truncati.patch @@ -0,0 +1,28 @@ +From 30dd2986fb64aba7ee78d4e231c344e2c39d7999 Mon Sep 17 00:00:00 2001 +From: Simon Hughes +Date: Thu, 21 Jun 2018 17:22:23 +0100 +Subject: [PATCH] Fix for teec_trace.c snprintf -Werror=format-truncation= + error. + +Signed-off-by: Simon Hughes +--- + libteec/src/teec_trace.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libteec/src/teec_trace.c b/libteec/src/teec_trace.c +index 78b79d6..c91bc43 100644 +--- a/libteec/src/teec_trace.c ++++ b/libteec/src/teec_trace.c +@@ -106,7 +106,8 @@ int _dprintf(const char *function, int flen, int line, int level, + */ + int thread_id = syscall(SYS_gettid); /* perf issue ? */ + +- snprintf(prefixed, MAX_PRINT_SIZE, ++ int len = 0; ++ len = snprintf(prefixed+len, MAX_PRINT_SIZE, + "%s [%d] %s:%s:%d: %s", + trace_level_strings[level], thread_id, prefix, func, + line, raw); +-- +2.7.4 + diff --git a/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/0001-tee-supplicant-use-MMC_IOC_MULTI_CMD-for-RPMB-access.patch b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/0001-tee-supplicant-use-MMC_IOC_MULTI_CMD-for-RPMB-access.patch new file mode 100644 index 00000000..fddc7fc1 --- /dev/null +++ b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/0001-tee-supplicant-use-MMC_IOC_MULTI_CMD-for-RPMB-access.patch @@ -0,0 +1,208 @@ +From 04a72e88f768722edff453694e70535d36a8b1b4 Mon Sep 17 00:00:00 2001 +From: Hiroki Negishi +Date: Mon, 1 Apr 2019 13:10:57 +0900 +Subject: [PATCH] tee-supplicant: use MMC_IOC_MULTI_CMD for RPMB access + +To access RPMB, host should switch to RPMB partition. +And in RPMB partition, host should finish RPMB sequence. + +In case of using MMC_IOC_CMD as RPMB ioctl, eMMC driver switches +partition to user data area between WRITE command and READ command. +This may cause General failure. +In case of MMC_IOC_MULTI_CMD, eMMC driver keeps RPMB partition. + +This patch changes RPMB ioctl from MMC_IOC_CMD into MMC_IOC_MULTI_CMD +and changes ioctl parameters according to mmc utils. + +Signed-off-by: Hiroki Negishi +--- + tee-supplicant/src/rpmb.c | 120 +++++++++++++++++++++++----------------------- + 1 file changed, 61 insertions(+), 59 deletions(-) + +diff --git a/tee-supplicant/src/rpmb.c b/tee-supplicant/src/rpmb.c +index cac9932..29da690 100644 +--- a/tee-supplicant/src/rpmb.c ++++ b/tee-supplicant/src/rpmb.c +@@ -114,6 +114,7 @@ static pthread_mutex_t rpmb_mutex = PTHREAD_MUTEX_INITIALIZER; + */ + + #define MMC_BLOCK_MAJOR 179 ++#define RPMB_MULTI_CMD_MAX_CMDS 3 + + /* mmc_ioc_cmd.opcode */ + #define MMC_SEND_EXT_CSD 8 +@@ -130,6 +131,9 @@ static pthread_mutex_t rpmb_mutex = PTHREAD_MUTEX_INITIALIZER; + + #define MMC_CMD_ADTC (1 << 5) /* Addressed data transfer command */ + ++#define MMC_RSP_SPI_S1 (1 << 7) /* one status byte */ ++#define MMC_RSP_SPI_R1 (MMC_RSP_SPI_S1) ++ + /* mmc_ioc_cmd.write_flag */ + #define MMC_CMD23_ARG_REL_WR (1 << 31) /* CMD23 reliable write */ + +@@ -610,26 +614,38 @@ static uint32_t read_ext_csd(int fd, uint8_t *ext_csd) + return TEEC_SUCCESS; + } + ++static inline void set_single_cmd(struct mmc_ioc_cmd *ioc, __u32 opcode, ++ int write_flag, unsigned int blocks) ++{ ++ ioc->opcode = opcode; ++ ioc->write_flag = write_flag; ++ ioc->arg = 0x0; ++ ioc->blksz = 512; ++ ioc->blocks = blocks; ++ ioc->flags = MMC_RSP_SPI_R1 | MMC_RSP_R1 | MMC_CMD_ADTC; ++} ++ + static uint32_t rpmb_data_req(int fd, struct rpmb_data_frame *req_frm, + size_t req_nfrm, struct rpmb_data_frame *rsp_frm, + size_t rsp_nfrm) + { +- int st; ++ int err; + size_t i; + uint16_t msg_type = ntohs(req_frm->msg_type); +- struct mmc_ioc_cmd cmd; ++ struct mmc_ioc_cmd *ioc; ++ struct mmc_ioc_multi_cmd *mioc; ++ struct rpmb_data_frame frame_status = {0}; + +- memset(&cmd, 0, sizeof(cmd)); +- cmd.blksz = 512; +- cmd.blocks = req_nfrm; +- cmd.data_ptr = (uintptr_t)req_frm; +- cmd.flags = MMC_RSP_R1 | MMC_CMD_ADTC; +- cmd.opcode = MMC_WRITE_MULTIPLE_BLOCK; +- cmd.write_flag = 1; ++ mioc = (struct mmc_ioc_multi_cmd *) ++ malloc(sizeof(struct mmc_ioc_multi_cmd) + ++ RPMB_MULTI_CMD_MAX_CMDS * sizeof(struct mmc_ioc_cmd)); ++ if (!mioc) ++ return -ENOMEM; + + for (i = 1; i < req_nfrm; i++) { + if (req_frm[i].msg_type != msg_type) { + EMSG("All request frames shall be of the same type"); ++ free(mioc); + return TEEC_ERROR_BAD_PARAMETERS; + } + } +@@ -642,77 +658,63 @@ static uint32_t rpmb_data_req(int fd, struct rpmb_data_frame *req_frm, + case RPMB_MSG_TYPE_REQ_AUTH_DATA_WRITE: + if (rsp_nfrm != 1) { + EMSG("Expected only one response frame"); ++ free(mioc); + return TEEC_ERROR_BAD_PARAMETERS; + } + +- /* Send write request frame(s) */ +- cmd.write_flag |= MMC_CMD23_ARG_REL_WR; +- /* +- * Black magic: tested on a HiKey board with a HardKernel eMMC +- * module. When postsleep values are zero, the kernel logs +- * random errors: "mmc_blk_ioctl_cmd: Card Status=0x00000E00" +- * and ioctl() fails. +- */ +- cmd.postsleep_min_us = 20000; +- cmd.postsleep_max_us = 50000; +- st = IOCTL(fd, MMC_IOC_CMD, &cmd); +- if (st < 0) +- return TEEC_ERROR_GENERIC; +- cmd.postsleep_min_us = 0; +- cmd.postsleep_max_us = 0; +- +- /* Send result request frame */ +- memset(rsp_frm, 0, 1); +- rsp_frm->msg_type = htons(RPMB_MSG_TYPE_REQ_RESULT_READ); +- cmd.data_ptr = (uintptr_t)rsp_frm; +- cmd.write_flag &= ~MMC_CMD23_ARG_REL_WR; +- st = IOCTL(fd, MMC_IOC_CMD, &cmd); +- if (st < 0) +- return TEEC_ERROR_GENERIC; +- +- /* Read response frame */ +- cmd.opcode = MMC_READ_MULTIPLE_BLOCK; +- cmd.write_flag = 0; +- cmd.blocks = rsp_nfrm; +- st = IOCTL(fd, MMC_IOC_CMD, &cmd); +- if (st < 0) +- return TEEC_ERROR_GENERIC; ++ mioc->num_of_cmds = 3; ++ ++ /* Write request */ ++ ioc = &mioc->cmds[0]; ++ set_single_cmd(ioc, MMC_WRITE_MULTIPLE_BLOCK, (1 << 31) | 1, 1); ++ mmc_ioc_cmd_set_data((*ioc), req_frm); ++ ++ /* Result request */ ++ ioc = &mioc->cmds[1]; ++ frame_status.msg_type = htobe16(RPMB_MSG_TYPE_REQ_RESULT_READ); ++ set_single_cmd(ioc, MMC_WRITE_MULTIPLE_BLOCK, 1, 1); ++ mmc_ioc_cmd_set_data((*ioc), &frame_status); ++ ++ /* Get response */ ++ ioc = &mioc->cmds[2]; ++ set_single_cmd(ioc, MMC_READ_MULTIPLE_BLOCK, 0, 1); ++ mmc_ioc_cmd_set_data((*ioc), rsp_frm); ++ + break; + + case RPMB_MSG_TYPE_REQ_WRITE_COUNTER_VAL_READ: + if (rsp_nfrm != 1) { + EMSG("Expected only one response frame"); ++ free(mioc); + return TEEC_ERROR_BAD_PARAMETERS; + } + + /* Fall through */ + case RPMB_MSG_TYPE_REQ_AUTH_DATA_READ: +- if (req_nfrm != 1) { +- EMSG("Expected only one request frame"); +- return TEEC_ERROR_BAD_PARAMETERS; +- } ++ mioc->num_of_cmds = 2; ++ ++ /* Read request */ ++ ioc = &mioc->cmds[0]; ++ set_single_cmd(ioc, MMC_WRITE_MULTIPLE_BLOCK, 1, 1); ++ mmc_ioc_cmd_set_data((*ioc), req_frm); ++ ++ /* Get response */ ++ ioc = &mioc->cmds[1]; ++ set_single_cmd(ioc, MMC_READ_MULTIPLE_BLOCK, 0, rsp_nfrm); ++ mmc_ioc_cmd_set_data((*ioc), rsp_frm); + +- /* Send request frame */ +- st = IOCTL(fd, MMC_IOC_CMD, &cmd); +- if (st < 0) +- return TEEC_ERROR_GENERIC; +- +- /* Read response frames */ +- cmd.data_ptr = (uintptr_t)rsp_frm; +- cmd.opcode = MMC_READ_MULTIPLE_BLOCK; +- cmd.write_flag = 0; +- cmd.blocks = rsp_nfrm; +- st = IOCTL(fd, MMC_IOC_CMD, &cmd); +- if (st < 0) +- return TEEC_ERROR_GENERIC; + break; + + default: + EMSG("Unsupported message type: %d", msg_type); ++ free(mioc); + return TEEC_ERROR_GENERIC; + } + +- return TEEC_SUCCESS; ++ err = ioctl(fd, MMC_IOC_MULTI_CMD, mioc); ++ ++ free(mioc); ++ return err; + } + + static uint32_t rpmb_get_dev_info(uint16_t dev_id, struct rpmb_dev_info *info) +-- +2.7.4 + diff --git a/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/optee.service b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/optee.service new file mode 100644 index 00000000..37fc4f75 --- /dev/null +++ b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client/optee.service @@ -0,0 +1,9 @@ +[Unit] +Description=optee services + +[Service] +ExecStart=/usr/bin/tee-supplicant +ExecStop=/usr/bin/killall -s KILL tee-supplicant + +[Install] +WantedBy=multi-user.target diff --git a/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client_git.bb b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client_git.bb new file mode 100644 index 00000000..960c6141 --- /dev/null +++ b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-client_git.bb @@ -0,0 +1,63 @@ +DESCRIPTION = "OP-TEE Client" +LICENSE = "BSD-2-Clause" + +LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b" +PR = "r0" +PV = "3.1.0+renesas+git${SRCPV}" +BRANCH = "master" +SRC_URI = "git://github.com/OP-TEE/optee_client.git;branch=${BRANCH}" +SRCREV = "3f16662284a69fdec97b1712064be94d1fed7ae7" + +SRC_URI += " \ + file://optee.service \ + file://0001-Fix-for-teec_trace.c-snprintf-Werror-format-truncati.patch \ + file://0001-tee-supplicant-use-MMC_IOC_MULTI_CMD-for-RPMB-access.patch \ +" + +inherit pythonnative systemd +SYSTEMD_SERVICE_${PN} = "optee.service" + +COMPATIBLE_MACHINE = "salvator-x|h3ulcb|m3ulcb|m3nulcb|ebisu" + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +S = "${WORKDIR}/git" + +# Recipe which fail to compile when enabling _FORTIFY_SOURCE=2 option +SECURITY_CFLAGS_pn-optee-client = "" + +EXTRA_OEMAKE = "RPMB_EMU=0" + +do_install () { + # Create destination directories + install -d ${D}/${libdir} + install -d ${D}/${includedir} + + # Install library + install -m 0755 ${S}/out/export/lib/libteec.so.1.0 ${D}/${libdir} + + # Create symbolic link + cd ${D}/${libdir} + ln -sf libteec.so.1.0 libteec.so.1 + ln -sf libteec.so.1 libteec.so + + # Install header files + install -m 0644 ${S}/out/export/include/* ${D}/${includedir} + + # Install systemd service configure file for OP-TEE client + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}/${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/optee.service ${D}/${systemd_system_unitdir} + fi +} + +# install the tee-supplicant for 64 bit only. +do_install_append_aarch64 () { + # Create destination directory + install -d ${D}/${bindir} + + # Install binary to bindir + install -m 0755 ${S}/out/export/bin/tee-supplicant ${D}/${bindir} +} + +RPROVIDES_${PN} += "optee-client" diff --git a/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-core-define-syscall_t-as-void-void.patch b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-core-define-syscall_t-as-void-void.patch new file mode 100644 index 00000000..bad7b27c --- /dev/null +++ b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-core-define-syscall_t-as-void-void.patch @@ -0,0 +1,75 @@ +From f6d17e33e7b95c90a2521cfd37cd5cb511909fc4 Mon Sep 17 00:00:00 2001 +From: Jerome Forissier +Date: Thu, 5 Jul 2018 13:07:52 +0200 +Subject: [PATCH] core: define syscall_t as void (*)(void) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +syscall_t is currently typedef'ed as TEE_Result (*)(void). It is used to +represent a pointer to any system call, in the syscall table for instance. +As such, the exact type behind syscall_t cannot reflect all the syscalls +since they have different prototypes. The current declaration with a +TEE_Result return type was probably chosen because it was a common +characteristic of all syscalls to return a TEE_Result. + +However, this type causes compilation warnings with GCC 8.1: + +core/arch/arm/tee/arch_svc.c:43:36: warning: cast between incompatible function types from ‘void (*)(long unsigned int)’ to ‘TEE_Result (*)(void)’ {aka ‘unsigned int (*)(void)’} [-Wcast-function-type] + #define SYSCALL_ENTRY(_fn) { .fn = (syscall_t)_fn } + ^ +core/arch/arm/tee/arch_svc.c:50:2: note: in expansion of macro ‘SYSCALL_ENTRY’ + SYSCALL_ENTRY(syscall_sys_return), + ^~~~~~~~~~~~~ + +The solution is to use 'void (*)(void)' instead, as explained in the GCC +documentation: + + -Wcast-function-type + + Warn when a function pointer is cast to an incompatible function + pointer. [...] The function type void (*) (void) is special and matches + everything, which can be used to suppress this warning. [...] + +Link: [1] https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html +Signed-off-by: Jerome Forissier +Acked-by: Jens Wiklander +--- + core/arch/arm/tee/arch_svc.c | 2 +- + core/arch/arm/tee/arch_svc_private.h | 7 +++++-- + 2 files changed, 6 insertions(+), 3 deletions(-) + +diff --git a/core/arch/arm/tee/arch_svc.c b/core/arch/arm/tee/arch_svc.c +index eb142ec..b2dd193 100644 +--- a/core/arch/arm/tee/arch_svc.c ++++ b/core/arch/arm/tee/arch_svc.c +@@ -208,7 +208,7 @@ void __weak tee_svc_handler(struct thread_svc_regs *regs) + } + + if (scn > TEE_SCN_MAX) +- scf = syscall_not_supported; ++ scf = (syscall_t)syscall_not_supported; + else + scf = tee_svc_syscall_table[scn].fn; + +diff --git a/core/arch/arm/tee/arch_svc_private.h b/core/arch/arm/tee/arch_svc_private.h +index c0b3a73..695e733 100644 +--- a/core/arch/arm/tee/arch_svc_private.h ++++ b/core/arch/arm/tee/arch_svc_private.h +@@ -7,8 +7,11 @@ + + #include + +-/* void argument but in reality it can be any number of arguments */ +-typedef TEE_Result (*syscall_t)(void); ++/* ++ * Generic "pointer to function" type. Actual syscalls take zero or more ++ * arguments and return TEE_Result. ++ */ ++typedef void (*syscall_t)(void); + + /* Helper function for tee_svc_handler() */ + uint32_t tee_svc_do_call(struct thread_svc_regs *regs, syscall_t func); +-- +2.7.4 + diff --git a/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb new file mode 100644 index 00000000..aeea185b --- /dev/null +++ b/bsp/meta-renesas-rcar-gen3/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb @@ -0,0 +1,65 @@ +DESCRIPTION = "OP-TEE OS" + +LICENSE = "BSD-2-Clause & BSD-3-Clause" +LIC_FILES_CHKSUM = " \ + file://LICENSE;md5=69663ab153298557a59c67a60a743e5b \ + file://${WORKDIR}/git_official/LICENSE;md5=69663ab153298557a59c67a60a743e5b \ +" + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +inherit deploy pythonnative + +PV = "3.1.0+renesas+git${SRCPV}" + +BRANCH = "rcar_gen3" +SRCREV_renesas = "19fb6dcbf42631f23afed406e893310eb30cd548" +SRCREV_officialgit = "e77020396508fc086d7a4d6137388b116e4a662f" +SRCREV_FORMAT = "renesas_officialgit" + +SRC_URI = " \ + git://github.com/renesas-rcar/optee_os.git;branch=${BRANCH};name=renesas \ + git://github.com/OP-TEE/optee_os.git;branch=master;name=officialgit;destsuffix=git_official \ + file://0001-core-define-syscall_t-as-void-void.patch \ +" + +COMPATIBLE_MACHINE = "(salvator-x|h3ulcb|m3ulcb|m3nulcb|ebisu)" +PLATFORM = "rcar" + +DEPENDS = "python-pycrypto-native" + +export CROSS_COMPILE64="${TARGET_PREFIX}" + +# Let the Makefile handle setting up the flags as it is a standalone application +LD[unexport] = "1" +LDFLAGS[unexport] = "1" +export CCcore="${CC}" +export LDcore="${LD}" +libdir[unexport] = "1" + +S = "${WORKDIR}/git" +EXTRA_OEMAKE = "-e MAKEFLAGS=" + +do_configure() { + git -C ${WORKDIR}/git_official checkout -B official 3.1.0 + git -C ${WORKDIR}/git_official cherry-pick -n ${SRCREV_officialgit} + cp -rn ${WORKDIR}/git_official/core/lib/libtomcrypt ${B}/core/lib/. +} + +do_compile() { + oe_runmake PLATFORM=${PLATFORM} CFG_ARM64_core=y +} + +# do_install() nothing +do_install[noexec] = "1" + +do_deploy() { + # Create deploy folder + install -d ${DEPLOYDIR} + + # Copy TEE OS to deploy folder + install -m 0644 ${S}/out/arm-plat-${PLATFORM}/core/tee.elf ${DEPLOYDIR}/tee-${MACHINE}.elf + install -m 0644 ${S}/out/arm-plat-${PLATFORM}/core/tee.bin ${DEPLOYDIR}/tee-${MACHINE}.bin + install -m 0644 ${S}/out/arm-plat-${PLATFORM}/core/tee.srec ${DEPLOYDIR}/tee-${MACHINE}.srec +} +addtask deploy before do_build after do_compile -- cgit 1.2.3-korg