diff options
| author | Patrick Williams <patrick@stwcx.xyz> | 2023-06-15 20:50:14 +0300 |
|---|---|---|
| committer | Patrick Williams <patrick@stwcx.xyz> | 2023-06-15 23:22:16 +0300 |
| commit | 6ad2fb6c009c7501865f18d8c14fbe1c06dd829d (patch) | |
| tree | f81caa9afbcb1fd3d12d335fc95cb725672e2148 /meta-arm/meta-arm-bsp/recipes-security/trusted-services | |
| parent | f4e5dde7fa70d6927253adf5cf32c31073293b32 (diff) | |
| download | openbmc-6ad2fb6c009c7501865f18d8c14fbe1c06dd829d.tar.xz | |
subtree updates
meta-openembedded: c5668905a6..cbbaa82238:
Alex Kiernan (1):
lldpd: Upgrade 1.0.14 -> 1.0.15
Alexander Stein (1):
dool: Add patch to fix rebuild
Archana Polampalli (1):
Nodejs - Upgrade to 16.18.1
Armin Kuster (2):
meta-oe][PATCH] gst-editing-services: fix typo in LICENSE field.
Revert "waf-samba.bbclass: point PYTHON_CONFIG to target python3-config"
Arsalan H. Awan (1):
meta-networking/licenses/netperf: remove unused license
Changqing Li (3):
redis: 7.0.5 -> 7.0.7
redis: 6.2.7 -> 6.2.8
redis: upgrade 7.0.9 -> 7.0.10
Chee Yang Lee (5):
zsh: Fix CVE-2021-45444
fwupd: Fix CVE-2022-3287
redis: Upgrade to 7.0.8
redis: Upgrade to 6.2.9
tinyproxy: fix CVE-2022-40468
Chen Pei (1):
botan: upgrade 2.19.2 -> 2.19.3
Chen Qi (4):
xfce4-verve-plugin: fix do_configure faiure about missing libpcre
networkmanager: fix dhcpcd PACKAGECONFIG
networkmanager: install config files into correct place
networkmanager: fix /etc/resolv.conf handling
Dmitry Baryshkov (1):
nss: fix cross-compilation error
Geoff Parker (1):
python3-pillow: add tk to RDEPENDS ptest pkg only if x11 in DISTRO_FEATURES
Hermes Zhang (1):
kernel_add_regdb: Change the task order
Jasper Orschulko (1):
python3-gcovr: Add missing runtime dependency
Joe Slater (1):
phoronix-test-suite: fix CVE-2022-40704
Kai Kang (2):
freeradius: fix multilib systemd service start failure
postfix: fix multilib conflict of sample-main.cf
Khem Raj (15):
gnome-text-editor: Add missing libpcre build time depenedency
ettercap: Add missing dependency on libpcre
imapfilter: Upgrade to 2.7.6
aufs-util: Fix build with large file support enabled systems
volume-key: Inherit python3targetconfig
audit: Inherit python3targetconfig
waf-samba.bbclass: point PYTHON_CONFIG to target python3-config
fontforge: Inherit python3targetconfig
sshpass: Use SPDX identified string for GPLv2
perfetto: Do not pass TUNE_CCARGS to native/host compiler
net-snmp: Fix build with clang16
ncmpc: Upgrade to 0.47
mpd: Upgrade to 0.23.12 release
redis: Upgrade 6.x recipe to 6.2.11
redis: Upgrade 7.x to 7.0.9
Leon Anavi (1):
python3-pythonping: Upgrade 1.1.3 -> 1.1.4
Markus Volk (3):
libcamera: upgrade -> 0.0.1
blueman: add RDEPEND on python3-fcntl
perfetto: pass TUNE_CCARGS to use machine tune
Martin Jansa (11):
monkey: use git fetcher
nss: fix SRC_URI
exiv2: fix SRC_URI
mdns: use git fetcher
zsh: fix installed-vs-shipped with multilib
restinio: fix S variable in multilib builds
mongodb: fix chown user for multilib builds
pahole: respect libdir
lvgl,lv-lib-png,lv-drivers: fix installed-vs-shipped QA issue with multilib
lirc: fix do_install with multilib
dleyna-{server,renderer}: fix dev-so QA issue with multilib
Mathieu Dubois-Briand (2):
nss: Add missing CVE product
nss: Whitelist CVEs related to libnssdbm
Mingli Yu (1):
php: Upgrade to 8.1.16
Narpat Mali (1):
net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception
Omkar Patil (1):
ntfs-3g-ntfsprogs: Upgrade 2022.5.17 to 2022.10.3
Peter Kjellerstedt (2):
chrony: Make it possible to enable editline support again
chrony: Remove the libcap and nss PACKAGECONFIGs
Peter Marko (4):
cpputest: remove dev package dependency
ntp: whitelist CVE-2019-11331
c-ares: fix CVE-2022-4904
dnsmasq: fix CVE-2023-28450
Polampalli, Archana (1):
nodejs: Upgrade 16.19.0 -> 16.19.1
Preeti Sachan (1):
fluidsynth: update SRC_URI to remove non-existing 2.2.x branch
Randy MacLeod (2):
python3-pillow: add ptest support
python3-pillow: Add distutils, unixadmin for ptest
Robert Joslyn (1):
fwupd: Fix plugin_gpio PACKAGECONFIG
Samuli Piippo (1):
protobuf: stage protoc binary to sysroot
Stefan Ghinea (1):
mbedtls: upgrade to 2.28.2 to fix CVE-2022-46392, CVE-2022-46393
Tim Orling (1):
nodejs: upgrade 16.18.1 -> 16.19.0
Tom Hochstein (1):
nlohmann-json: Allow empty main package for SDK
Valeria Petrov (1):
apache2: upgrade 2.4.56 -> 2.4.57
Wang Mingyu (34):
bats: upgrade 1.8.0 -> 1.8.2
ctags: upgrade 5.9.20221009.0 -> 5.9.20221016.0
fvwm: upgrade 2.6.9 -> 2.7.0
makedumpfile: upgrade 1.7.1 -> 1.7.2
sanlock: upgrade 3.8.4 -> 3.8.5
python3-astroid: upgrade 2.12.11 -> 2.12.12
python3-charset-normalizer: upgrade 2.1.1 -> 3.0.0
python3-google-api-python-client: upgrade 2.64.0 -> 2.65.0
python3-google-auth: upgrade 2.12.0 -> 2.13.0
python3-huey: upgrade 2.4.3 -> 2.4.4
python3-oauthlib: upgrade 3.2.1 -> 3.2.2
python3-pandas: upgrade 1.5.0 -> 1.5.1
python3-pika: upgrade 1.3.0 -> 1.3.1
python3-protobuf: upgrade 4.21.7 -> 4.21.8
python3-pywbemtools: upgrade 1.0.0 -> 1.0.1
python3-socketio: upgrade 5.7.1 -> 5.7.2
python3-sqlalchemy: upgrade 1.4.41 -> 1.4.42
tracker: upgrade 3.4.0 -> 3.4.1
wolfssl: upgrade 5.5.1 -> 5.5.2
cglm: upgrade 0.8.5 -> 0.8.7
ctags: upgrade 5.9.20221016.0 -> 5.9.20221023.0
function2: upgrade 4.2.1 -> 4.2.2
poco: upgrade 1.12.2 -> 1.12.3
audit: upgrade 3.0.8 -> 3.0.9
colord: upgrade 1.4.5 -> 1.4.6
smcroute: upgrade 2.5.5 -> 2.5.6
openwsman: upgrade 2.7.1 -> 2.7.2
python3-pillow: upgrade 9.2.0 -> 9.3.0
python3-pillow: upgrade 9.3.0 -> 9.4.0
apache2: upgrade 2.4.54 -> 2.4.55
python3-django: upgrade 4.1 -> 4.1.3
python3-django: upgrade 4.1.3 -> 4.1.6
apache2: upgrade 2.4.55 -> 2.4.56
openwsman: Change download branch from master to main.
Xiangyu Chen (1):
ipmitool: fix typo in .bb file's comments, using = instead of =?
Yi Zhao (4):
ostree: fix selinux policy rebuild error on first deployment
strongswan: upgrade 5.9.8 -> 5.9.9
freeradius: Security fixes for CVE-2022-41860 CVE-2022-41861
apache2: use /run instead of /var/run for systemd volatile config
Yogita Urade (1):
multipath-tools: fix CVE-2022-41974
zhengruoqin (2):
tcpslice: upgrade 1.5 -> 1.6
tio: upgrade 2.1 -> 2.2
meta-arm: 4ee457693e..58952aa7ba:
Abdellatif El Khlifi (1):
arm-bsp/documentation: corstone1000: 2022.11.10 RC: update the user guide
Adam Johnston (2):
arm/trusted-services: Fix 'no such file' when building libts
CI: Remove ts-smm-gateway from N1SDP
Adrian Herrera (2):
atp: decouple m5readfile from m5ops
atp: move m5readfile to meta-gem5
Adrián Herrera Arcila (5):
atp: fix failing test_readme
gem5: support for EXTRAS
atp: separate recipe for gem5 models
atp: fix machine overrides in recipes
ci: add meta-atp to check-layers
Anton Antonov (1):
arm-bsp/fvp-base: Enable virtio-rng support and unset preferred 5.15 kernel
Daniel Díaz (1):
arm-bsp/firmware-image-juno: Fix deployment of compressed Image
Diego Sueiro (2):
arm/classes: Introduce apply_local_src_patches bbclass
arm/trusted-firmware-m: Fix local source patches application
Emekcan (3):
arm-bsp/trusted-services: add checks for null attributes in smm gateway
arm-bsp/trusted-services: Fix GetNextVariable max_name_len in smm gateway
arm/fvp: Upgrade Corstone1000 FVP
Emekcan Aras (3):
arm-bsp/documentation: corstone1000: update the user guide
kas/corstone1000-base.yml: set refspec for Corstone1000 release
arm/trusted-firmware-m: Do not use release branches
Gowtham Suresh Kumar (6):
arm/edk2-basetools: Add edk2 base tool native recipe
arm-bsp/uefi_capsule: Add UEFI capsule generation class
arm-bsp/corstone1000-image: Generate UEFI capsule for corstone1000 platform
arm/edk2-basetools: Convert edk2 basetools recipes to native only
arm-bsp/uefi_capsule: Use json file to pass capsule config
arm-bsp/uefi_capsule: Move UEFI capsule to IMGDEPLOYDIR
Jon Mason (4):
CI: define DEFAULT_TAG and CPU_REQUEST
arm-bsp/juno: move to compressed initramfs image
arm-bsp/juno: Update kernel patches to the latest
CI: dev kernel allow failure
Luca Fancellu (1):
arm,arm-bsp/recipes-kernel: don't use PN in arm-ffa-transport.inc
Peter Hoyes (15):
arm/fvp: Join cli arguments in verbose logging
arm/lib: Factor out asyncio in FVPRunner
arm/lib: Decouple console parsing from the FVPRunner
arm/oeqa: Log the FVP output in OEFVPSSHTarget
runfvp: Fix verbose output when using --console
arm/fvp: Backport shlex.join from Python 3.8
arm/fvpboot: Disable timing annotation by default
arm/classes: Ensure patch files are sorted in apply_local_src_patches
arm/scp-firmware: Ensure CMAKE_BUILD_TYPE is capitalized
arm/scp-firmware: Disable cppcheck
arm/lib: Add XAUTHORITY to runfvp environment
classes: Define FVP_ENV_PASSTHROUGH variable dependencies
classes: Prevent passing None to the runfvp environment
classes: Set ARMLMD_LICENSE_FILE in the runfvp environment
CI: Add BUILD_ENABLE_REGEX option to conditionally enable builds
Qi Feng (1):
kas/fvp-baser-aemv8r64: Use langdale as kas default refspec
Robbie Cao (1):
arm/fvp-base-r-aem: upgrade to version 11.20.15
Ross Burton (9):
arm/linux-arm64-ack: fix buildpaths in the perf Python module
CI: revert a meta-clang change which breaks pixman (thus, xserver)
CI: add variables needed for k8s runners
CI: add tags to all jobs
CI: no need to install telnet
CI: use the .setup fragment in machine-coverage
CI: fix builds with clang
CI: pin to kas 3.2 as 3.2.1 fails
arm-bsp/external-system: fix the gen_module race, again
Rui Miguel Silva (4):
arm/trusted-services: check before applying patches
arm-bsp/trusted-services: psa test setup corstone1000
arm-bsp/trusted-firmware-m: adjust ps assets for corstone1000
kas/corstone500.yml: pin repos to langdale
Vishnu Banavath (3):
arm-bsp/documentation: corstone1000: 2022.11.10 RC: update the release notes
arm-bsp/documentation: corstone1000: 2022.11.10 RC: update the change log
arm-bsp/optee: register DRAM1 for N1SDP target
poky: 6b9db5a99b..3e95f268ce:
Adrian Freihofer (2):
buildconf: compare abspath
bblayers/setupwriters/oe-setup-layers: create dir if not exists
Alejandro Hernandez Samaniego (2):
baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES
testimage: Fix error message to reflect new syntax
Alex Kiernan (2):
cargo_common.bbclass: Fix typos
classes: image: Set empty weak default IMAGE_LINGUAS
Alex Stewart (2):
lsof: add update-alternatives logic
opkg: upgrade to version 0.6.1
Alexander Kanavin (69):
rust-target-config: match riscv target names with what rust expects
rust: install rustfmt for riscv32 as well
shadow: update 4.12.1 -> 4.12.3
lttng-modules: upgrade 2.13.4 -> 2.13.5
quilt: backport a patch to address grep 3.8 failures
go: submit patch upstream
go: update 1.19 -> 1.19.2
groff: submit patches upstream
tcl: correct patch status
lttng-tools: submit determinism.patch upstream
kea: submit patch upstream
ovmf: correct patches status
libffi: submit patch upstream
rust: submit a rewritten version of crossbeam_atomic.patch upstream
ffmpeg: upgrade 5.1.1 -> 5.1.2
linux-firmware: upgrade 20220913 -> 20221012
xwayland: upgrade 22.1.3 -> 22.1.4
libffi: upgrade 3.4.2 -> 3.4.4
libical: upgrade 3.0.15 -> 3.0.16
mtd-utils: upgrade 2.1.4 -> 2.1.5
selftest: add a copy of previous mtd-utils version to meta-selftest
gdk-pixbuf: upgrade 2.42.9 -> 2.42.10
pango: upgrade 1.50.10 -> 1.50.11
pango: replace a recipe fix with an upstream submitted patch
gstreamer1.0: upgrade 1.20.3 -> 1.20.4
libepoxy: convert to git
libepoxy: update 1.5.9 -> 1.5.10
mesa: do not rely on native llvm-config in target sysroot
systemd: update 251.4 -> 251.8
vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only that
gnomebase.bbclass: return the whole version for tarball directory if it is a number
glibc-tests: correctly pull in the actual tests when installing -ptest package
libnewt: update 0.52.21 -> 0.52.23
ruby: merge .inc into .bb
ruby: update 3.1.2 -> 3.1.3
tzdata: update 2022d -> 2022g
cmake: update 3.24.0 -> 3.24.2
devtool/upgrade: correctly handle recipes where S is a subdir of upstream tree
libarchive: upgrade 3.6.1 -> 3.6.2
go: update 1.19.3 -> 1.19.4
devtool: process local files only for the main branch
libksba: update 1.6.2 -> 1.6.3
linux-firmware: upgrade 20221109 -> 20221214
xwayland: upgrade 22.1.5 -> 22.1.7
xserver-xorg: upgrade 21.1.4 -> 21.1.6
selftest/virgl: use pkg-config from the host
vulkan-samples: branch rename master -> main
gdk-pixbuf: do not use tools from gdk-pixbuf-native when building tests
oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with a signal
diffutils: update 3.8 -> 3.9
lttng-tools: update 2.13.8 -> 2.13.9
apr: update 1.7.0 -> 1.7.2
apr-util: update 1.6.1 -> 1.6.3
bind: upgrade 9.18.10 -> 9.18.11
libjpeg-turbo: upgrade 2.1.4 -> 2.1.5
pkgconf: upgrade 1.9.3 -> 1.9.4
linux-firmware: upgrade 20221214 -> 20230117
sudo: upgrade 1.9.12p1 -> 1.9.12p2
libgit2: upgrade 1.5.0 -> 1.5.1
vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs
dbus: upgrade 1.14.4 -> 1.14.6
linux-firmware: upgrade 20230117 -> 20230210
wireless-regdb: upgrade 2022.08.12 -> 2023.02.13
bblayers/makesetup: skip git repos that are submodules
sudo: update 1.9.12p2 -> 1.9.13p2
libdnf: update 0.69.0 -> 0.70.0
pango: upgrade 1.50.12 -> 1.50.13
apt: re-enable version check
devtool/upgrade: do not delete the workspace/recipes directory
Alexey Smirnov (1):
classes: make TOOLCHAIN more permissive for kernel
Alexis Lothoré (1):
oeqa/selftest/resulttooltests: fix minor typo
Andrew Geissler (1):
filemap.py: enforce maximum of 4kb block size
Anton Antonov (1):
rust: Do not use default compiler flags defined in CC crate
Antonin Godard (2):
busybox: always start do_compile with orig config files
busybox: rm temporary files if do_compile was interrupted
Armin Kuster (1):
lttng-modules: Fix for 5.10.163 kernel version
Arnout Vandecappelle (1):
python3-pytest: depend on python3-tomli instead of python3-toml
Arturo Buzarra (1):
run-postinsts: Set dependency for ldconfig to avoid boot issues
Benoît Mauduit (1):
lib/oe/reproducible: Use git log without gpg signature
Bernhard Rosenkränzer (1):
cmake-native: Fix host tool contamination
Bhabu Bindu (1):
qemu: Fix CVE-2022-4144
Bruce Ashfield (35):
linux-yocto/5.15: update to v5.15.72
linux-yocto/5.19: update to v5.19.14
kern-tools: fix relative path processing
linux-yocto/5.15: update to v5.15.74
linux-yocto/5.15: update to v5.15.76
linux-yocto/5.15: update to v5.15.78
linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings
linux-yocto/5.19: update to v5.19.16
linux-yocto/5.19: update to v5.19.17
linux-yocto/5.19: cfg: intel and vesa updates
linux-yocto/5.19: security.cfg: remove configs which have been dropped
linux-yocto/5.19: fix CONFIG_CRYPTO_CCM mismatch warnings
linux-yocto/5.19: fix elfutils run-backtrace-native-core ptest failure
kern-tools: integrate ZFS speedup patch
linux-yocto/5.19: fix perf build with clang
linux-yocto/5.15: ltp and squashfs fixes
linux-yocto/5.15: fix perf build with clang
linux-yocto/5.15: libbpf: Fix build warning on ref_ctr_off
linux-yocto/5.15: update to v5.15.84
linux-yocto/5.15: powerpc: Fix reschedule bug in KUAP-unlocked user copy
linux-yocto/5.19: powerpc: Fix reschedule bug in KUAP-unlocked user copy
linux-yocto/5.15: update to v5.15.87
linux-yocto/5.15: update to v5.15.89
linux-yocto/5.15: update to v5.15.91
lttng-modules: fix for kernel 6.2+
linux-yocto/5.15: update to v5.15.94
linux-yocto/5.15: update to v5.15.96
linux-yocto-rt/5.15: update to -rt59
linux-yocto/5.15: update to v5.15.98
linux-yocto/5.15: update to v5.15.103
lttng-modules: update to v2.13.9
kernel-devsrc: fix mismatched compiler warning
linux-yocto/5.15: update to v5.15.106
linux-yocto/5.15: update to v5.15.107
linux-yocto/5.15: update to v5.15.108
Carlos Alberto Lopez Perez (3):
xwayland: libxshmfence is needed when dri3 is enabled
mesa-gl: gallium is required when enabling x11
mesa-demos: packageconfig weston should have a dependency on wayland-protocols
Changqing Li (2):
base.bbclass: Fix way to check ccache path
apt: fix do_package_qa failure
Charlie Johnston (1):
opkg: ensure opkg uses private gpg.conf when applying keys.
Chee Yang Lee (5):
git: upgrade to 2.37.5
tiff: fix multiple CVEs
git: ignore CVE-2023-22743
tiff: Fix CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2023-0798 CVE-2023-0799
go: upgrade to 1.19.7
Chen Qi (9):
kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild
dhcpcd: fix to work with systemd
resolvconf: make it work
psplash: consider the situation of psplash not exist for systemd
bc: extend to nativesdk
rm_work: adjust dependency to make do_rm_work_all depend on do_rm_work
dhcpcd: backport two patches to fix runtime error
libseccomp: fix typo in DESCRIPTION
ffmpeg: fix configure failure on noexec /tmp host
Chris Elledge (1):
busybox: move hwclock init earlier in startup
Christian Eggers (1):
linux-firmware: split rtl8761 firmware
Christoph Lauer (1):
populate_sdk_base: add zip options
Claus Stovgaard (1):
gstreamer1.0-libav: fix errors with ffmpeg 5.x
Diego Sueiro (1):
kernel.bbclass: Include randstruct seed assets in STAGING_KERNEL_BUILDDIR
Dmitry Baryshkov (5):
linux-firmware: upgrade 20221012 -> 20221109
linux-firmware: add new fw file to ${PN}-qcom-adreno-a530
linux-firmware: properly set license for all Qualcomm firmware
linux-firmware: add yamato fw files to qcom-adreno-a2xx package
ffmpeg: fix build failure when vulkan is enabled
Ed Tanous (1):
openssl: Upgrade 3.0.5 -> 3.0.7
Enguerrand de Ribaucourt (1):
bitbake-layers: fix a typo
Enrico Jörns (8):
sstatesig: emit more helpful error message when not finding sstate manifest
oeqa/selftest/cases/runqemu: update imports
oeqa/targetcontrol: fix misspelled RuntimeError
oeqa/targetcontrol: do not set dump_host_cmds redundantly
oeqa/targetcontrol: remove unused imports
oeqa/utils/commands: fix usage of undefined EPIPE
oeqa/utils/commands: remove unused imports
oeqa/utils/qemurunner: replace hard-coded user 'root' in debug output
Etienne Cordonnier (2):
mirrors.bbclass: use shallow tarball for binutils-native
bitbake: siggen: Fix inefficient string concatenation
Fawzi KHABER (3):
ref-manual: update DEV_PKG_DEPENDENCY in variables
package.bbclass: check packages name conflict in do_package
oeqa/selftest/cases/package.py: adding unittest for package rename conflicts
Federico Pellegrin (1):
curl: fix dependencies when building with ldap/ldaps
Frank de Brabander (2):
bitbake: process: log odd unlink events with bitbake.sock
bitbake: bin/utils: Ensure locale en_US.UTF-8 is available on the system
Frederic Martinsons (1):
cargo.bbclass: use offline mode for building
Geoffrey GIRY (2):
cve-extra-exclusions: ignore inapplicable linux-yocto CVEs
cve-check: Fix false negative version issue
Harald Seiler (2):
opkg: Set correct info_dir and status_file in opkg.conf
bootchart2: Fix usrmerge support
He Zhe (1):
lttng-modules: update 2.13.7 -> 2.13.8
Hitendra Prajapati (3):
openssl: CVE-2022-3358 Using a Custom Cipher with NID_undef may lead to NULL encryption
libarchive: CVE-2022-36227 NULL pointer dereference in archive_write.c
libxml2: Fix CVE-2022-40303 && CVE-2022-40304
Jagadeesh Krishnanjanappa (1):
qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image
Jan Kircher (1):
toolchain-scripts: compatibility with unbound variable protection
Jan-Simon Moeller (1):
buildtools-tarball: export certificates to python and curl
Jeremy Puhlman (1):
qemu-native: Add PACKAGECONFIG option for jack
Jermain Horsman (1):
cve-check: write the cve manifest to IMGDEPLOYDIR
Jose Quaresma (10):
kernel-yocto: improve fatal error messages of symbol_why.py
archiver: avoid using machine variable as it breaks multiconfig
sstatesig: skip the rm_work task signature
rm_work: exclude the SSTATETASKS from the rm_work tasks sinature
sstate: Allow optimisation of do_deploy_archives task dependencies
Revert "gstreamer1.0: disable flaky gstbin:test_watch_for_state_change test"
gstreamer1.0: Fix race conditions in gstbin tests
oeqs/selftest: OESelftestTestContext: replace the os.environ after subprocess.check_output
oeqa/selftest: OESelftestTestContext: convert relative to full path when newbuilddir is provided
oeqa/selftest/reproducible: Split different packages from missing packages output
Joshua Watt (6):
runqemu: Do not perturb script environment
runqemu: Fix gl-es argument from causing other arguments to be ignored
qemu-helper-native: Re-write bridge helper as C program
qemu-helper-native: Correctly pass program name as argv[0]
scripts: convert-overrides: Allow command-line customizations
classes/populate_sdk_base: Append cleandirs
Justin Bronder (1):
bitbake: asyncrpc: serv: correct closed client socket detection
Kai Kang (3):
mesa: only apply patch to fix ALWAYS_INLINE for native
libuv: fixup SRC_URI
xserver-xorg: 21.1.6 -> 21.1.7
Keiya Nobuta (1):
create-spdx: Remove ";name=..." for downloadLocation
Kenfe-Mickael Laventure (3):
buildtools-tarball: Handle spaces within user $PATH
toolchain-scripts: Handle spaces within user $PATH
populate_sdk_ext: Handle spaces within user $PATH
Khem Raj (11):
tiff: Add packageconfig knob for webp
createrepo-c: Include missing rpm/rpmstring.h
libtirpc: Check if file exists before operating on it
libusb1: Link with latomic only if compiler has no atomic builtins
libusb1: Strip trailing whitespaces
scons: Pass MAXLINELENGTH to scons invocation
scons.bbclass: Make MAXLINELENGTH overridable
libcomps: Fix callback function prototype for PyCOMPS_hash
rpm: Fix hdr_hash function prototype
systemd.bbclass: Add /usr/lib/systemd to searchpaths as well
Revert "runqemu: Add workaround for APIC hang on pre 4.15 kernels on qemux86"
Konrad Weihmann (1):
create-spdx: default share_src for shared sources
Lee Chee Yang (2):
git: Upgrade to 2.37.4
migration-guides: add release-notes for 4.0.7
Leon Anavi (1):
get_module_deps3.py: Check attribute '__file__'
Liam Beguin (1):
meson: make wrapper options sub-command specific
Louis Rannou (1):
oeqa/selftest/locales: Add selftest for locale generation/presence
Luca Boccassi (1):
systemd: add systemd-creds and systemd-cryptenroll to systemd-extra-utils
Luis (1):
rm_work.bbclass: use HOSTTOOLS 'rm' binary exclusively
Marek Vasut (5):
bluez5: Point hciattach bcm43xx firmware search path to /lib/firmware
systemd: Make importd depend on glib-2.0 again
bitbake: fetch2/git: Prevent git fetcher from fetching gitlab repository metadata
bitbake: fetch2/git: Clarify the meaning of namespace
cpio: Fix wrong CRC with ASCII CRC for large files
Mark Asselstine (1):
bitbake: bitbake: bitbake-layers: checkout layer(s) branch when clone exists
Markus Volk (2):
mesa: update 22.2.0 -> 22.2.2
librsvg: enable vapi build
Marta Rybczynska (1):
cve-update-db-native: avoid incomplete updates
Martin Jansa (12):
vulkan-samples: add lfs=0 to SRC_URI to avoid git smudge errors in do_unpack
externalsrc.bbclass: fix git repo detection
libxml2: fix test data checksums
meta: remove True option to getVar and getVarFlag calls (again)
timezone: use 'tz' subdir instead of ${WORKDIR} directly
tzdata: use separate B instead of WORKDIR for zic output
tzcode-native: fix build with gcc-13 on host
selftest: devtool: set BB_HASHSERVE_UPSTREAM when setting SSTATE_MIRROR
bmap-tools: switch to main branch
selftest: runqemu: better check for ROOTFS: in the log
selftest: runqemu: use better error message when asserts fail
runqemu: respect IMAGE_LINK_NAME
Mateusz Marciniec (1):
sstatesig: Improve output hash calculation
Mathieu Dubois-Briand (1):
dbus: Add missing CVE product name
Mauro Queiros (1):
image.bbclass: print all QA functions exceptions
Michael Halstead (3):
uninative: Upgrade to 3.8.1 to include libgcc
selftest/runtime_test/virgl: Disable for all Rocky Linux
uninative: Upgrade to 3.9 to include glibc 2.37
Michael Opdenacker (13):
bitbake: bitbake-user-manual: details about variable flags starting with underscore
create-spdx.bbclass: remove unused SPDX_INCLUDE_PACKAGED
backport SPDX documentation and vulnerability improvements
Expand create-spdx class documentation
Expand cve-check class documentation
manuals: add 4.0.5 and 4.0.6 release notes
dev-manual: fix old override syntax
ref-manual: variables.rst: fix broken hyperlink
profile-manual: update WireShark hyperlinks
bsp-guide: fix broken git URLs and missing word
manuals: update patchwork instance URL
dev-manual: common-tasks.rst: add link to FOSDEM 2023 video
migration-guides: update release notes
Mikko Rapeli (13):
common-tasks.rst: fix oeqa runtime test path
oeqa context.py: fix --target-ip comment to include ssh port number
oeqa ssh.py: move output prints to new line
oeqa ssh.py: add connection keep alive options to ssh client
oeqa dump.py: add error counter and stop after 5 failures
oeqa qemurunner: read more data at a time from serial
oeqa qemurunner.py: add timeout to QMP calls
oeqa qemurunner.py: try to avoid reading one character at a time
oeqa ssh.py: fix hangs in run()
runqemu: kill qemu if it hangs
oeqa rtc.py: skip if read-only-rootfs
oeqa ping.py: avoid busylooping failing ping command
oeqa ping.py: fail test if target IP address has not been set
Ming Liu (1):
linux: inherit pkgconfig in kernel.bbclass
Mingli Yu (6):
grub: disable build on armv7ve/a with hardfp
glslang: branch rename master -> main
mdadm: Fix testcase 06wrmostly
mdadm: fix tests/02lineargrow
mdadm: Fix raid0 tests
report-error: catch Nothing PROVIDES error
Narpat Mali (4):
ffmpeg: fix for CVE-2022-3964
ffmpeg: fix for CVE-2022-3965
libseccomp: fix for the ptest result format
python3-setuptools: fix for CVE-2022-40897
Nathan Rossi (2):
oeqa/selftest/lic_checksum: Cleanup changes to emptytest include
package: Fix handling of minidebuginfo with newer binutils
Niko Mauno (3):
systemd: Consider PACKAGECONFIG in RRECOMMENDS
Fix missing leading whitespace with ':append'
ref-manual: Fix invalid feature name
Ola x Nilsson (1):
kbd: Don't build tests
Ovidiu Panait (1):
kernel.bbclass: remove empty module directories to prevent QA issues
Pavel Zhukov (4):
bitbake: gitsm: Fix regression in gitsm submodule path parsing
oeqa/rpm.py: Increase timeout and add debug output
wic: Fix usage of fstype=none in wic
u-boot: Map arm64 into map for u-boot dts installation
Pawel Zalewski (1):
classes/fs-uuid: Fix command output decoding issue
Peter Bergin (1):
gptfdisk: remove warning message from target system
Peter Kjellerstedt (4):
externalsrc.bbclass: Remove a trailing slash from ${B}
pango: Make it build with ptest disabled
librsvg: Only enable the Vala bindings if GObject Introspection is enabled
devshell: Do not add scripts/git-intercept to PATH
Peter Marko (6):
systemd: add group render to udev package
meta-selftest/staticids: add render group for systemd
externalsrc: fix lookup for .gitmodules
oeqa/selftest/externalsrc: add test for srctree_hash_files
systemd: add group sgx to udev package
gcc-shared-source: do not use ${S}/.. in deploy_source_date_epoch
Petr Kubizňák (1):
harfbuzz: remove bindir only if it exists
Piotr Łobacz (1):
systemd: fix wrong nobody-group assignment
Polampalli, Archana (1):
libpam: fix CVE-2022-28321
Qiu, Zheng (3):
tiff: fix a typo for CVE-2022-2953.patch
tiff: Security fix for CVE-2022-3970
vim: upgrade 9.0.0820 -> 9.0.0947
Quentin Schulz (4):
cairo: update patch for CVE-2019-6461 with upstream solution
docs: kernel-dev: faq: update tip on how to not include kernel in image
docs: migration-4.0: specify variable name change for kernel inclusion in image recipe
cairo: fix CVE patches assigned wrong CVE number
Randy MacLeod (3):
valgrind: skip the boost_thread test on arm
vim: upgrade 9.0.0947 -> 9.0.1211
vim: upgrade 9.0.1403 -> 9.0.1429
Ranjitsinh Rathod (1):
curl: Correct LICENSE from MIT-open-group to curl
Ravula Adhitya Siddartha (2):
linux-yocto/5.15: update genericx86* machines to v5.15.72
linux-yocto/5.19: update genericx86* machines to v5.19.14
Richard Purdie (37):
build-appliance-image: Update to langdale head revision
bitbake: runqueue: Fix race issues around hash equivalence and sstate reuse
lttng-modules: upgrade 2.13.5 -> 2.13.7
bitbake.conf: Drop export of SOURCE_DATE_EPOCH_FALLBACK
gcc-shared-source: Fix source date epoch handling
gcc-source: Fix gengtypes race
gcc-source: Drop gengtype manipulation
gcc-source: Ensure deploy_source_date_epoch sstate hash doesn't change
sanity: Drop data finalize call
oeqa/selftest/tinfoil: Add test for separate config_data with recipe_parse_file()
qemu: Ensure libpng dependency is deterministic
yocto-check-layer: Allow OE-Core to be tested
oeqa/concurrencytest: Add number of failures to summary output
build-appliance-image: Update to langdale head revision
bitbake: server/process: Add bitbake.sock race handling
native: Drop special variable handling
kernel/linux-kernel-base: Fix kernel build artefact determinism issues
make-mod-scripts: Ensure kernel build output is deterministic
perf: Enable debug/source packaging
libc-locale: Fix on target locale generation
libssh2: Clean up ptest patch/coverage
build-appliance-image: Update to langdale head revision
bitbake: utils: Allow to_boolean to support int values
bitbake: cookerdata: Remove incorrect SystemExit usage
bitbake: cookerdata: Improve early exception handling
bitbake: cookerdata: Drop dubious exception handling code
binutils: Fix nativesdk ld.so search
oeqa/selftest/prservice: Improve debug output for failure
staging: Separate out different multiconfig manifests
staging/multilib: Fix manifest corruption
glibc: Add missing binutils dependency
selftest/recipetool: Stop test corrupting tinfoil class
base-files: Drop localhost.localdomain from hosts file
pybootchartui: Fix python syntax issue
pybootchart: Fix extents handling to account for cpu/io/mem pressure changes
xdg-utils: Add a patch for CVE-2020-27748
xdg-utils: Fix CVE number
Robert Andersson (1):
go-crosssdk: avoid host contamination by GOCACHE
Robert Joslyn (2):
curl: Backport CVE fixes
curl: Fix CVE-2022-43551 and CVE-2022-43552
Robert Yang (1):
bitbake: fetch/git: Fix local clone url to make it work with repo
Rodolfo Quesada Zumbado (1):
tar: CVE-2022-48303
Romuald JEANNE (1):
image_types: fix vname var init in multiubi_mkfs() function
Romuald Jeanne (1):
image_types: fix multiubi var init
Ross Burton (48):
libx11: apply the fix for CVE-2022-3554
xserver-xorg: ignore CVE-2022-3553 as it is XQuartz-specific
xserver-xorg: backport fixes for CVE-2022-3550 and CVE-2022-3551
tiff: fix a number of CVEs
qemu: backport the fix for CVE-2022-3165
pango: upgrade 1.50.9 -> 1.50.10
zlib: do out-of-tree builds
zlib: upgrade 1.2.12 -> 1.2.13
bitbake: fetch2/git: don't set core.fsyncobjectfiles=0
pixman: backport fix for CVE-2022-44638
sudo: backport fix for CVE-2022-43995
sanity: check for GNU tar specifically
expat: upgrade to 2.5.0
oeqa/runtime/dnf: rewrite test_dnf_installroot_usrmerge
insane: add codeload.github.com to src-uri-bad check
linux-firmware: don't put the firmware into the sysroot
lib/buildstats: fix parsing of trees with reduced_proc_pressure directories
combo-layer: remove unused import
combo-layer: dont use bb.utils.rename
combo-layer: add sync-revs command
libepoxy: remove upstreamed patch
cve-update-db-native: show IP on failure
pango: upgrade 1.50.11 -> 1.50.12
oeqa/selftest/debuginfod: improve testcase
curl: don't enable debug builds
bitbake: bb/utils: include SSL certificate paths in export_proxies
ppp: backport fix for CVE-2022-4603
quilt: fix intermittent failure in faildiff.test
spirv-headers/spirv-tools: set correct branch name
quilt: use upstreamed faildiff.test fix
git: ignore CVE-2022-41953
buildtools-tarball: set pkg-config search path
sdkext/cases/devtool: pass a logger to HTTPService
httpserver: add error handler that write to the logger
less: backport the fix for CVE-2022-46663
lib/buildstats: handle tasks that never finished
cml1: remove redundant addtask
shadow: ignore CVE-2016-15024
vim: add missing pkgconfig inherit
vim: upgrade to 9.0.1403
vim: set modified-by to the recipe MAINTAINER
meson: remove obsolete RPATH stripping patch
lib/resulttool: fix typo breaking resulttool log --ptest
scripts/lib/buildstats: handle top-level build_stats not being complete
tzdata: upgrade to 2023c
oeqa/runtime: clean up deprecated backslash expansion
xserver-xorg: backport fix for CVE-2023-1393
screen: backport fix for CVE-2023-24626
Ryan Eatmon (1):
go: Update reproducibility patch to fix panic errors
Sakib Sajal (2):
go: update 1.19.2 -> 1.19.3
git: upgrade 2.37.5 -> 2.37.6
Sandeep Gundlupet Raju (3):
libdrm: Remove libdrm-kms package
kernel-fitimage: Adjust order of dtb/dtbo files
kernel-fitimage: Allow user to select dtb when multiple dtb exists
Saul Wold (2):
at: Change when files are copied
busybox: Fix depmod patch
Sean Anderson (3):
uboot-sign: Fix using wrong KEY_REQ_ARGS
kernel: Clear SYSROOT_DIRS instead of replacing sysroot_stage_all
kernel-fitimage: Use KERNEL_OUTPUT_DIR where appropriate
Sergei Zhmylev (2):
wic: honor the SOURCE_DATE_EPOCH in case of updated fstab
wic: make ext2/3/4 images reproducible
Siddharth (1):
harfbuzz: Security fix for CVE-2023-25193
Siddharth Doshi (3):
openssl: Upgrade 3.0.7 -> 3.0.8
epiphany: Security fix for CVE-2023-26081
openssl: Security fix for CVE-2023-0464, CVE-2023-0465, CVE-2023-0466
Soumya (1):
shadow: Fix can not print full login timeout message
Steve Sakoman (8):
poky.conf: bump version for 4.1.1
Revert "sudo: backport fix for CVE-2022-43995"
poky.conf: bump version for 4.1.2
poky.conf: Update SANITY_TESTED_DISTROS to match autobuilder
system-requirements.rst: Add Fedora 36, AlmaLinux 8.7 & 9.1, and OpenSUSE 15.4 to list of supported distros
poky.conf: bump version for 4.1.3
poky.conf: bump version for 4.1.4
build-appliance-image: Update to langdale head revision
Sudip Mukherjee (1):
libgit2: update license information
Teoh Jay Shen (1):
vim: Upgrade 9.0.0598 -> 9.0.0614
Thomas Perrot (1):
xserver-xorg: move some recommended dependencies in required
Thomas Roos (1):
devtool: fix devtool finish when gitmodules file is empty
Tim Orling (7):
vim: upgrade 9.0.0614 -> 9.0.0820
python3-mako: upgrade 1.2.2 -> 1.2.3
mirrors.bbclass: update CPAN_MIRROR
bitbake: toaster: fixtures/README: django 1.8 -> 3.2
bitbake: toaster: fixtures/gen_fixtures.py: update branches
bitbake: toaster: Add refreshed oe-core and poky fixtures
cracklib: update github branch to 'main'
Tobias Hagelborn (2):
sstate.bbclass: Fetch non-existing local .sig files if needed
lib/oe/gpg_sign.py: Avoid race when creating .sig files in detach_sign
Tom Hochstein (2):
meson: Fix wrapper handling of implicit setup command
oeqa/sdk: Improve Meson test
Trevor Woerner (3):
cups: use BUILDROOT instead of DESTDIR
cups: check PACKAGECONFIG for pam feature
cups: add/fix web interface packaging
Ulrich Ölmann (4):
recipe_sanity: fix old override syntax
lsof: fix old override syntax
update-alternatives: fix typos
kernel-yocto: fix kernel-meta data detection
Vincent Davis Jr (1):
linux-firmware: package amdgpu firmware
Vivek Kumbhar (1):
openssl: fix CVE-2022-3996 double locking leads to denial of service
Vyacheslav Yurkov (1):
overlayfs: Allow not used mount points
Wang Mingyu (26):
bind: upgrade 9.18.7 -> 9.18.8
inetutils: upgrade 2.3 -> 2.4
socat: upgrade 1.7.4.3 -> 1.7.4.4
libxcrypt: upgrade 4.4.28 -> 4.4.30
xwayland: upgrade 22.1.4 -> 22.1.5
sysstat: upgrade 12.6.0 -> 12.6.1
mobile-broadband-provider-info: upgrade 20220725 -> 20221107
libsdl2: upgrade 2.24.1 -> 2.24.2
mesa: upgrade 22.2.2 -> 22.2.3
babeltrace: upgrade 1.5.8 -> 1.5.11
iso-codes: upgrade 4.11.0 -> 4.12.0
bind: upgrade 9.18.8 -> 9.18.9
libxcrypt-compat: upgrade 4.4.30 -> 4.4.33
mpfr: upgrade 4.1.0 -> 4.1.1
libpng: upgrade 1.6.38 -> 1.6.39
help2man: upgrade 1.49.2 -> 1.49.3
gstreamer1.0: upgrade 1.20.4 -> 1.20.5
bind: upgrade 9.18.9 -> 9.18.10
libjpeg-turbo: upgrade 2.1.5 -> 2.1.5.1
xwayland: upgrade 22.1.7 -> 22.1.8
iso-codes: upgrade 4.12.0 -> 4.13.0
libmicrohttpd: upgrade 0.9.75 -> 0.9.76
lua: Fix install conflict when enable multilib.
vala: Fix install conflict when enable multilib.
dhcpcd: Fix install conflict when enable multilib.
xcb-proto: Fix install conflict when enable multilib.
Xiangyu Chen (7):
sudo: upgrade 1.9.11p3 -> 1.9.12p1
grub: backport patches to fix CVE-2022-28736
openssh: remove RRECOMMENDS to rng-tools for sshd package
grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775
numactl: skip test case when target platform doesn't have 2 CPU node
dhcpcd: fix dhcpcd start failure on qemuppc64
sudo: update 1.9.13p2 -> 1.9.13p3
Zoltan Boszormenyi (1):
piglit: Fix build time dependency
ciarancourtney (1):
wic: swap partitions are not added to fstab
leimaohui (1):
libpng: Enable NEON for aarch64 to enensure consistency with arm32.
pgowda (1):
binutils: Add patch to fix CVE-2022-4285
wangmy (13):
meson: upgrade 0.63.2 -> 0.63.3
mtools: upgrade 4.0.40 -> 4.0.41
ifupdown: upgrade 0.8.37 -> 0.8.39
gnutls: upgrade 3.7.7 -> 3.7.8
libcap: upgrade 2.65 -> 2.66
libical: upgrade 3.0.14 -> 3.0.15
numactl: upgrade 2.0.15 -> 2.0.16
wpebackend-fdo: upgrade 1.12.1 -> 1.14.0
libksba: upgrade 1.6.0 -> 1.6.2
libsdl2: upgrade 2.24.0 -> 2.24.1
lttng-ust: upgrade 2.13.4 -> 2.13.5
lighttpd: upgrade 1.4.66 -> 1.4.67
dbus: upgrade 1.14.0 -> 1.14.4
meta-security: 2aa48e6f4e..a4562b1912:
Anton Antonov (2):
Flush caches after OEQA tests
Fix PACKAGECONFIG check in Parsec OEQA tests
Armin Kuster (2):
packagegroup-security-tpm2: restore pkgs removed earlier
Revert "meta-parsec/layer.conf: Insert addpylib declaration"
Peter Hoyes (1):
meta-parsec/layer.conf: Insert addpylib declaration
meta-raspberrypi: 722c51647c..8e3cbfa598:
Andrei Gherzan (2):
ci: Bump actions/checkout to v3
ci: Fix dco-check job with newer git versions
Florin Sarbu (1):
udev-rules-rpi: Use 99-com.rules directly from upstream
Martin Jansa (1):
raspberrypi4-64: drop DEFAULTTUNE assignment
Sung Gon Kim (1):
libcamera: rename bbappend to match any version
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I394eff2a339089121317b9dfb1a2ff4dfcae3339
Diffstat (limited to 'meta-arm/meta-arm-bsp/recipes-security/trusted-services')
32 files changed, 255 insertions, 123 deletions
diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0001-Add-openamp-to-SE-proxy-deployment.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0001-Add-openamp-to-SE-proxy-deployment.patch index 801905d97a..c44885cf04 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0001-Add-openamp-to-SE-proxy-deployment.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0001-Add-openamp-to-SE-proxy-deployment.patch @@ -1,7 +1,7 @@ -From 7c9589c4bb056db5e1696f2a777891ab235b1b63 Mon Sep 17 00:00:00 2001 +From 13de79cd4f0d25b812e5f4ad4a19bc075496be83 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 16:36:51 +0000 -Subject: [PATCH 01/19] Add openamp to SE proxy deployment +Subject: [PATCH 01/20] Add openamp to SE proxy deployment Openamp is required to communicate between secure partitions(running on Cortex-A) and trusted-firmware-m(running on Cortex-M). @@ -283,5 +283,5 @@ index 000000000000..449f35f4fda4 +set_property(TARGET openamp PROPERTY IMPORTED_LOCATION "${OPENAMP_INSTALL_DIR}/lib/${CMAKE_STATIC_LIBRARY_PREFIX}open_amp${CMAKE_STATIC_LIBRARY_SUFFIX}") +set_property(TARGET openamp PROPERTY INTERFACE_INCLUDE_DIRECTORIES "${OPENAMP_INSTALL_DIR}/include") -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch index 39edc9d1e3..0371a7a418 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch @@ -1,7 +1,7 @@ -From e4ccb92f8de94a82edd3548d62c853790ae36bd1 Mon Sep 17 00:00:00 2001 +From 28aedac78016e5063ebd675a43e6c3655f87b442 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 18:00:46 +0000 -Subject: [PATCH 02/19] Implement mhu driver and the OpenAmp conversion layer. +Subject: [PATCH 02/20] Implement mhu driver and the OpenAmp conversion layer. This commit adds an mhu driver (v2.1 and v2) to the secure partition se_proxy and a conversion layer to communicate with @@ -1087,5 +1087,5 @@ index 000000000000..bb778bb9719b +# include MHU driver +include(${TS_ROOT}/platform/drivers/arm/mhu_driver/component.cmake) -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0003-Add-openamp-rpc-caller.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0003-Add-openamp-rpc-caller.patch index bf52a2382b..5686face15 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0003-Add-openamp-rpc-caller.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0003-Add-openamp-rpc-caller.patch @@ -1,7 +1,7 @@ -From e187510a814b48b7b2e477a9913ee35b68522d06 Mon Sep 17 00:00:00 2001 +From 55394c4c9681af71b1ed7f7ebc7c44b2e1737113 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 19:00:54 +0000 -Subject: [PATCH 03/19] Add openamp rpc caller +Subject: [PATCH 03/20] Add openamp rpc caller Upstream-Status: Pending Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com> @@ -1192,5 +1192,5 @@ index d39873a0fe81..34fe5ff1b925 100644 # Stub service provider backends "components/rpc/dummy" -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0004-add-psa-client-definitions-for-ff-m.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0004-add-psa-client-definitions-for-ff-m.patch index 3246224560..84d418c131 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0004-add-psa-client-definitions-for-ff-m.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0004-add-psa-client-definitions-for-ff-m.patch @@ -1,7 +1,7 @@ -From 8c1bc5a7ae525d64802e2a06746f698f54cf07ca Mon Sep 17 00:00:00 2001 +From fb6d2f33e26c7b6ef88d552feca1f835da3f0df6 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 19:05:18 +0000 -Subject: [PATCH 04/19] add psa client definitions for ff-m +Subject: [PATCH 04/20] add psa client definitions for ff-m Add PSA client definitions in common include to add future ff-m support. @@ -294,5 +294,5 @@ index 000000000000..aaa973c6e987 + +#endif /* __PSA_MANIFEST_SID_H__ */ -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0005-Add-common-service-component-to-ipc-support.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0005-Add-common-service-component-to-ipc-support.patch index e179fb035a..df3cb2f4c2 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0005-Add-common-service-component-to-ipc-support.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0005-Add-common-service-component-to-ipc-support.patch @@ -1,7 +1,7 @@ -From e9778f726ed582360152f150301995b10d268aae Mon Sep 17 00:00:00 2001 +From 0311fc8f131fe7a2b0f4dd9988c610fda47394aa Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 19:13:03 +0000 -Subject: [PATCH 05/19] Add common service component to ipc support +Subject: [PATCH 05/20] Add common service component to ipc support Add support for inter processor communication for PSA including, the openamp client side structures lib. @@ -291,5 +291,5 @@ index 34fe5ff1b925..dd0c5d00c21e 100644 "components/service/discovery/provider" "components/service/discovery/provider/serializer/packed-c" -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0006-Add-secure-storage-ipc-backend.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0006-Add-secure-storage-ipc-backend.patch index cac43ec4bc..74a83777df 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0006-Add-secure-storage-ipc-backend.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0006-Add-secure-storage-ipc-backend.patch @@ -1,7 +1,7 @@ -From 0df82487a7a253c601ca20ca1bd64fbb9ed64230 Mon Sep 17 00:00:00 2001 +From ed4371d63cb52c121be9678bc225055944286c30 Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 19:19:24 +0000 -Subject: [PATCH 06/19] Add secure storage ipc backend +Subject: [PATCH 06/20] Add secure storage ipc backend Add secure storage ipc ff-m implementation which may use openamp as rpc to communicate with other processor. @@ -519,5 +519,5 @@ index dd0c5d00c21e..cd51460406ca 100644 "components/service/attestation/provider" "components/service/attestation/provider/serializer/packed-c" -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch index 192e9768bd..ad33295d41 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch @@ -1,7 +1,7 @@ -From 9c7f1e6a5eb9ab887e568cfa3c2003583d387bc9 Mon Sep 17 00:00:00 2001 +From d1377a5ed909e3a1d9caca56aeda262a80322a4b Mon Sep 17 00:00:00 2001 From: Vishnu Banavath <vishnu.banavath@arm.com> Date: Fri, 3 Dec 2021 19:25:34 +0000 -Subject: [PATCH 07/19] Use secure storage ipc and openamp for se_proxy +Subject: [PATCH 07/20] Use secure storage ipc and openamp for se_proxy Remove mock up backend for secure storage in se proxy deployment and use instead the secure storage ipc backend with @@ -59,5 +59,5 @@ index acfb6e8873fa..57290056d614 100644 return secure_storage_provider_init(&ps_provider, backend); } -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-Run-psa-arch-test.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-Run-psa-arch-test.patch index ce7aacf3cd..ab57688276 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-Run-psa-arch-test.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0008-Run-psa-arch-test.patch @@ -1,7 +1,7 @@ -From d9169d380366afc63af5d4bf02791aeb41f47897 Mon Sep 17 00:00:00 2001 +From 1b50ab6b6ff1c6f27ab320e18fb0d4aeb1122f0d Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Sun, 12 Dec 2021 10:43:48 +0000 -Subject: [PATCH 08/19] Run psa-arch-test +Subject: [PATCH 08/20] Run psa-arch-test Fixes needed to run psa-arch-test @@ -68,5 +68,5 @@ index 4f6ba2a7d822..1fd6b40dc803 100644 }; -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0009-Use-address-instead-of-pointers.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0009-Use-address-instead-of-pointers.patch index ca0c9d9575..3295fa9bd9 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0009-Use-address-instead-of-pointers.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0009-Use-address-instead-of-pointers.patch @@ -1,7 +1,7 @@ -From ee767c1ae857cfcc8b4bb520b2558091e253cf94 Mon Sep 17 00:00:00 2001 +From a6fba503ffddae004e23b32559212e749e8586f6 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Sun, 12 Dec 2021 10:57:17 +0000 -Subject: [PATCH 09/19] Use address instead of pointers +Subject: [PATCH 09/20] Use address instead of pointers Since secure enclave is 32bit and we 64bit there is an issue in the protocol communication design that force us to handle @@ -164,5 +164,5 @@ index a1f369db253e..bda442a61d5c 100644 (void)client_id; -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Add-psa-ipc-attestation-to-se-proxy.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Add-psa-ipc-attestation-to-se-proxy.patch index d47b0decf5..2d0725cb24 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Add-psa-ipc-attestation-to-se-proxy.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0010-Add-psa-ipc-attestation-to-se-proxy.patch @@ -1,7 +1,7 @@ -From afdeb8e098a1f2822adf2ea83ded8dd9e2d021ba Mon Sep 17 00:00:00 2001 +From b142f3c162fb1c28982d26b5ac2181ba79197a28 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Tue, 7 Dec 2021 11:50:00 +0000 -Subject: [PATCH 10/19] Add psa ipc attestation to se proxy +Subject: [PATCH 10/20] Add psa ipc attestation to se proxy Implement attestation client API as psa ipc and include it to se proxy deployment. @@ -16,12 +16,15 @@ Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> .../reporter/psa_ipc/psa_ipc_attest_report.c | 45 ++++++++++ components/service/common/include/psa/sid.h | 4 + .../se-proxy/common/service_proxy_factory.c | 6 ++ - deployments/se-proxy/se-proxy.cmake | 3 +- - 7 files changed, 169 insertions(+), 1 deletion(-) + deployments/se-proxy/se-proxy.cmake | 7 +- + ...ble-using-hard-coded-attestation-key.patch | 29 ------- + external/psa_arch_tests/psa_arch_tests.cmake | 4 - + 9 files changed, 171 insertions(+), 36 deletions(-) create mode 100644 components/service/attestation/client/psa_ipc/component.cmake create mode 100644 components/service/attestation/client/psa_ipc/iat_ipc_client.c create mode 100644 components/service/attestation/reporter/psa_ipc/component.cmake create mode 100644 components/service/attestation/reporter/psa_ipc/psa_ipc_attest_report.c + delete mode 100644 external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch diff --git a/components/service/attestation/client/psa_ipc/component.cmake b/components/service/attestation/client/psa_ipc/component.cmake new file mode 100644 @@ -243,10 +246,10 @@ index 57290056d614..4b8cceccbe4d 100644 attest_provider_register_serializer(&attest_provider, TS_RPC_ENCODING_PACKED_C, packedc_attest_provider_serializer_instance()); diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake -index cd51460406ca..38d26821d44d 100644 +index cd51460406ca..3dbbc36c968d 100644 --- a/deployments/se-proxy/se-proxy.cmake +++ b/deployments/se-proxy/se-proxy.cmake -@@ -49,12 +49,13 @@ add_components(TARGET "se-proxy" +@@ -49,14 +49,15 @@ add_components(TARGET "se-proxy" "components/service/attestation/include" "components/service/attestation/provider" "components/service/attestation/provider/serializer/packed-c" @@ -258,9 +261,63 @@ index cd51460406ca..38d26821d44d 100644 "components/rpc/dummy" "components/rpc/common/caller" - "components/service/attestation/reporter/stub" - "components/service/attestation/key_mngr/stub" - "components/service/crypto/backend/stub" +- "components/service/attestation/key_mngr/stub" +- "components/service/crypto/backend/stub" ++ "components/service/attestation/key_mngr/local" ++ "components/service/crypto/backend/psa_ipc" "components/service/crypto/client/psa" + "components/service/secure_storage/backend/mock_store" + ) +diff --git a/external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch b/external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch +deleted file mode 100644 +index 6664961ab662..000000000000 +--- a/external/psa_arch_tests/0001-Disable-using-hard-coded-attestation-key.patch ++++ /dev/null +@@ -1,29 +0,0 @@ +-From dbd25f94eb62a9855bf342dd97503a49ea50f83e Mon Sep 17 00:00:00 2001 +-From: Gyorgy Szing <Gyorgy.Szing@arm.com> +-Date: Tue, 8 Feb 2022 17:06:37 +0000 +-Subject: [PATCH 1/1] Disable using hard-coded attestation key +- +-Modify platform config to disable using a hard-coded attestation +-key. +- +-Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com> +---- +- api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h | 2 +- +- 1 file changed, 1 insertion(+), 1 deletion(-) +- +-diff --git a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h +-index 6112ba7..1cdf581 100755 +---- a/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h +-+++ b/api-tests/platform/targets/tgt_dev_apis_linux/nspe/pal_config.h +-@@ -60,7 +60,7 @@ typedef uint32_t cfg_id_t; +- #define CRYPTO_VERSION_BETA3 +- +- /* Use hardcoded public key */ +--#define PLATFORM_OVERRIDE_ATTEST_PK +-+//#define PLATFORM_OVERRIDE_ATTEST_PK +- +- /* +- * Include of PSA defined Header files +--- +-2.17.1 +- +diff --git a/external/psa_arch_tests/psa_arch_tests.cmake b/external/psa_arch_tests/psa_arch_tests.cmake +index a8b77a1fc05e..1995df3e0b49 100644 +--- a/external/psa_arch_tests/psa_arch_tests.cmake ++++ b/external/psa_arch_tests/psa_arch_tests.cmake +@@ -15,10 +15,6 @@ set(GIT_OPTIONS + GIT_REPOSITORY ${PSA_ARCH_TESTS_URL} + GIT_TAG ${PSA_ARCH_TESTS_REFSPEC} + GIT_SHALLOW FALSE +- PATCH_COMMAND git stash +- COMMAND git tag -f ts-before-am +- COMMAND git am ${CMAKE_CURRENT_LIST_DIR}/0001-Disable-using-hard-coded-attestation-key.patch +- COMMAND git reset ts-before-am + ) + + # Ensure list of defines is separated correctly -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch index 988fbbecdd..5803cc17dc 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch @@ -1,7 +1,7 @@ -From 94770f9660154bb1157e19c11fb706889a81ae73 Mon Sep 17 00:00:00 2001 +From 4240977f7c38950f5edb316bb08ae05cb7b99875 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Thu, 9 Dec 2021 14:11:06 +0000 -Subject: [PATCH 11/19] Setup its backend as openamp rpc using secure storage +Subject: [PATCH 11/20] Setup its backend as openamp rpc using secure storage ipc implementation. Upstream-Status: Pending @@ -159,5 +159,5 @@ index 4b8cceccbe4d..1110ac46bf8b 100644 + return secure_storage_provider_init(&its_provider, backend); } -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0012-add-psa-ipc-crypto-backend.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0012-add-psa-ipc-crypto-backend.patch index fdc39b0d3c..67ea7b8c56 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0012-add-psa-ipc-crypto-backend.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0012-add-psa-ipc-crypto-backend.patch @@ -1,7 +1,7 @@ -From 896b5009bb07c4b53541290e1712856063411107 Mon Sep 17 00:00:00 2001 +From 0b5d96b1a9f927dc141047600edf2249af7022c5 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Thu, 9 Dec 2021 14:17:39 +0000 -Subject: [PATCH 12/19] add psa ipc crypto backend +Subject: [PATCH 12/20] add psa ipc crypto backend Add psa ipc crypto backend and attach it to se proxy deployment. @@ -36,9 +36,8 @@ Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> .../crypto/include/psa/crypto_client_struct.h | 8 +- .../service/crypto/include/psa/crypto_sizes.h | 2 +- .../se-proxy/common/service_proxy_factory.c | 15 +- - deployments/se-proxy/se-proxy.cmake | 2 +- .../providers/arm/corstone1000/platform.cmake | 2 + - 29 files changed, 2293 insertions(+), 11 deletions(-) + 28 files changed, 2292 insertions(+), 10 deletions(-) create mode 100644 components/service/crypto/backend/psa_ipc/component.cmake create mode 100644 components/service/crypto/backend/psa_ipc/crypto_ipc_backend.c create mode 100644 components/service/crypto/backend/psa_ipc/crypto_ipc_backend.h @@ -2556,19 +2555,6 @@ index 1110ac46bf8b..7edeef8b434a 100644 return crypto_iface; } -diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake -index 38d26821d44d..f647190d9559 100644 ---- a/deployments/se-proxy/se-proxy.cmake -+++ b/deployments/se-proxy/se-proxy.cmake -@@ -57,7 +57,7 @@ add_components(TARGET "se-proxy" - "components/rpc/dummy" - "components/rpc/common/caller" - "components/service/attestation/key_mngr/stub" -- "components/service/crypto/backend/stub" -+ "components/service/crypto/backend/psa_ipc" - "components/service/crypto/client/psa" - "components/service/secure_storage/backend/mock_store" - ) diff --git a/platform/providers/arm/corstone1000/platform.cmake b/platform/providers/arm/corstone1000/platform.cmake index bb778bb9719b..51e5faa3e4d8 100644 --- a/platform/providers/arm/corstone1000/platform.cmake @@ -2580,5 +2566,5 @@ index bb778bb9719b..51e5faa3e4d8 100644 + +add_compile_definitions(MBEDTLS_ECP_DP_SECP521R1_ENABLED) -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0013-Add-stub-capsule-update-service-components.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0013-Add-stub-capsule-update-service-components.patch index 1a6e8f50f1..0040e12727 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0013-Add-stub-capsule-update-service-components.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0013-Add-stub-capsule-update-service-components.patch @@ -1,7 +1,7 @@ -From 6b8ebdeb8caa6326ae2a4befaf4410a7a54d4e02 Mon Sep 17 00:00:00 2001 +From 050be6fdfee656b0556766cc1db30f4c0ea87c79 Mon Sep 17 00:00:00 2001 From: Julian Hall <julian.hall@arm.com> Date: Tue, 12 Oct 2021 15:45:41 +0100 -Subject: [PATCH 13/19] Add stub capsule update service components +Subject: [PATCH 13/20] Add stub capsule update service components To facilitate development of a capsule update service provider, stub components are added to provide a starting point for an @@ -338,7 +338,7 @@ index 298d407a2371..02aa7fe2550d 100644 #ifdef __cplusplus } diff --git a/deployments/se-proxy/se-proxy.cmake b/deployments/se-proxy/se-proxy.cmake -index f647190d9559..e35b0d0f610d 100644 +index 3dbbc36c968d..f0db2d43f443 100644 --- a/deployments/se-proxy/se-proxy.cmake +++ b/deployments/se-proxy/se-proxy.cmake @@ -51,6 +51,7 @@ add_components(TARGET "se-proxy" @@ -432,5 +432,5 @@ index 000000000000..285d924186be + +#endif /* CAPSULE_UPDATE_PARAMETERS_H */ -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0014-Configure-storage-size.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0014-Configure-storage-size.patch index 52c793cc12..22b1da6906 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0014-Configure-storage-size.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0014-Configure-storage-size.patch @@ -1,7 +1,7 @@ -From a71b26f867f1b4a08285d6da82528de6a54321f2 Mon Sep 17 00:00:00 2001 +From 229ec29154a4404426ad3083af68ca111a214e13 Mon Sep 17 00:00:00 2001 From: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com> Date: Thu, 16 Dec 2021 21:31:40 +0000 -Subject: [PATCH 14/19] Configure storage size +Subject: [PATCH 14/20] Configure storage size Upstream-Status: Pending Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> @@ -10,7 +10,7 @@ Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/components/service/smm_variable/backend/uefi_variable_store.c b/components/service/smm_variable/backend/uefi_variable_store.c -index 715ccc3cb546..aeb8a22062b7 100644 +index 611e2e225c6b..6c3b9ed81c25 100644 --- a/components/service/smm_variable/backend/uefi_variable_store.c +++ b/components/service/smm_variable/backend/uefi_variable_store.c @@ -88,6 +88,7 @@ static efi_status_t check_name_terminator( @@ -38,5 +38,5 @@ index 715ccc3cb546..aeb8a22062b7 100644 context->owner_id = owner_id; -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch index a8f5559d10..426f2ca5c4 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch @@ -1,7 +1,7 @@ -From 3cc9c417f12f005244530d8d706a6b7f3be35627 Mon Sep 17 00:00:00 2001 +From cf83184500703f9b4f2ac04be59cc7d624d8fd66 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Sun, 13 Feb 2022 09:01:10 +0000 -Subject: [PATCH 15/19] Fix: Crypto interface structure aligned with tf-m +Subject: [PATCH 15/20] Fix: Crypto interface structure aligned with tf-m change. NO NEED TO RAISE PR: The PR for this FIX is raied by Emek. @@ -27,5 +27,5 @@ index c13c20e84131..ec25eaf868c7 100644 * AEAD until the API is * restructured -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0016-Integrate-remaining-psa-ipc-client-APIs.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0016-Integrate-remaining-psa-ipc-client-APIs.patch index a0911970e6..a59d140023 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0016-Integrate-remaining-psa-ipc-client-APIs.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0016-Integrate-remaining-psa-ipc-client-APIs.patch @@ -1,7 +1,7 @@ -From c54afe45c1be25c4819b0f762cf03a24e6343ce5 Mon Sep 17 00:00:00 2001 +From 551d8722769fa2f2d2ac74adcb289333a9b03598 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Sun, 13 Feb 2022 09:49:51 +0000 -Subject: [PATCH 16/19] Integrate remaining psa-ipc client APIs. +Subject: [PATCH 16/20] Integrate remaining psa-ipc client APIs. Upstream-Status: Pending Signed-off-by: Satish Kumar <satish.kumar01@arm.com> @@ -490,5 +490,5 @@ index e16f6e5450af..cc9279ee79f2 100644 } #endif -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch index e7c1dc33f8..4adcd90a5f 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch @@ -1,7 +1,7 @@ -From b1ff44c650ae82f364a2f74059eeb280996dc4f8 Mon Sep 17 00:00:00 2001 +From 5a5e162e17c9decb04b3b2905a0fb604e8f06e91 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Mon, 14 Feb 2022 17:52:00 +0000 -Subject: [PATCH 17/19] Fix : update psa_set_key_usage_flags definition to the +Subject: [PATCH 17/20] Fix : update psa_set_key_usage_flags definition to the latest from the tf-m Upstream-Status: Pending @@ -36,5 +36,5 @@ index 1bc55e375eea..b4a7ed4b39d3 100644 } -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch index 9ab1157ead..c1598a9e11 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch @@ -1,11 +1,10 @@ -Upstream-Status: Pending [Not submitted to upstream yet] -Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com> - -From a1da63a8c4d55d52321608a72129af49e0a498b2 Mon Sep 17 00:00:00 2001 +From 1a4d46fdc0b5745b9cfb0789e4b778111bd6dbbb Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Mon, 14 Feb 2022 08:22:25 +0000 -Subject: [PATCH 18/19] Fixes in AEAD for psa-arch test 54 and 58. +Subject: [PATCH 18/20] Fixes in AEAD for psa-arch test 54 and 58. +Upstream-Status: Pending [Not submitted to upstream yet] +Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com> Signed-off-by: Satish Kumar <satish.kumar01@arm.com> Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> --- @@ -118,5 +117,5 @@ index 0be266b52403..435fd3b523ce 100644 /* Variable length input parameter tags */ -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-plat-corstone1000-change-default-smm-values.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-plat-corstone1000-change-default-smm-values.patch index 984e2977d2..02c89d895e 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-plat-corstone1000-change-default-smm-values.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0019-plat-corstone1000-change-default-smm-values.patch @@ -1,7 +1,7 @@ -From 07ad7e1f7ba06045bf331d5b73a6adf38a098fb7 Mon Sep 17 00:00:00 2001 +From c519bae79629bfe551d79cfeb4e7d8a059545145 Mon Sep 17 00:00:00 2001 From: Rui Miguel Silva <rui.silva@linaro.org> Date: Tue, 11 Oct 2022 10:46:10 +0100 -Subject: [PATCH 19/19] plat: corstone1000: change default smm values +Subject: [PATCH 19/20] plat: corstone1000: change default smm values Smm gateway uses SE proxy to route the calls for any NV storage so set the NV_STORE_SN. @@ -33,5 +33,5 @@ index 51e5faa3e4d8..04b629a81906 100644 + SMM_GATEWAY_MAX_UEFI_VARIABLES=100 +) -- -2.38.0 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0020-FMP-Support-in-Corstone1000.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0020-FMP-Support-in-Corstone1000.patch index 79429c7747..ce40df0fd8 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0020-FMP-Support-in-Corstone1000.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0020-FMP-Support-in-Corstone1000.patch @@ -1,7 +1,7 @@ -From 6430bf31a25a1ef67e9141f85dbd070feb0d1a1e Mon Sep 17 00:00:00 2001 +From 70cf374fb55f2d62ecbe28049253df33b42b6749 Mon Sep 17 00:00:00 2001 From: Satish Kumar <satish.kumar01@arm.com> Date: Fri, 8 Jul 2022 09:48:06 +0100 -Subject: [PATCH] FMP Support in Corstone1000. +Subject: [PATCH 20/20] FMP Support in Corstone1000. The FMP support is used by u-boot to pupolate ESRT information for the kernel. @@ -11,6 +11,7 @@ The solution is platform specific and needs to be revisted. Signed-off-by: Satish Kumar <satish.kumar01@arm.com> Upstream-Status: Inappropriate [The solution is platform specific and needs to be revisted] +Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> --- .../provider/capsule_update_provider.c | 5 + .../capsule_update/provider/component.cmake | 1 + @@ -21,7 +22,7 @@ Upstream-Status: Inappropriate [The solution is platform specific and needs to b create mode 100644 components/service/capsule_update/provider/corstone1000_fmp_service.h diff --git a/components/service/capsule_update/provider/capsule_update_provider.c b/components/service/capsule_update/provider/capsule_update_provider.c -index 9bbd7abc..871d6bcf 100644 +index e133753f8560..991a2235cd73 100644 --- a/components/service/capsule_update/provider/capsule_update_provider.c +++ b/components/service/capsule_update/provider/capsule_update_provider.c @@ -11,6 +11,7 @@ @@ -58,7 +59,7 @@ index 9bbd7abc..871d6bcf 100644 default: EMSG("%s unsupported opcode", __func__); diff --git a/components/service/capsule_update/provider/component.cmake b/components/service/capsule_update/provider/component.cmake -index 1d412eb2..6b060149 100644 +index 1d412eb234d9..6b0601494938 100644 --- a/components/service/capsule_update/provider/component.cmake +++ b/components/service/capsule_update/provider/component.cmake @@ -10,4 +10,5 @@ endif() @@ -69,7 +70,7 @@ index 1d412eb2..6b060149 100644 ) diff --git a/components/service/capsule_update/provider/corstone1000_fmp_service.c b/components/service/capsule_update/provider/corstone1000_fmp_service.c new file mode 100644 -index 00000000..6a7a47a7 +index 000000000000..6a7a47a7ed99 --- /dev/null +++ b/components/service/capsule_update/provider/corstone1000_fmp_service.c @@ -0,0 +1,307 @@ @@ -382,7 +383,7 @@ index 00000000..6a7a47a7 +} diff --git a/components/service/capsule_update/provider/corstone1000_fmp_service.h b/components/service/capsule_update/provider/corstone1000_fmp_service.h new file mode 100644 -index 00000000..95fba2a0 +index 000000000000..95fba2a04d5c --- /dev/null +++ b/components/service/capsule_update/provider/corstone1000_fmp_service.h @@ -0,0 +1,26 @@ @@ -413,5 +414,5 @@ index 00000000..95fba2a0 + +#endif /* CORSTONE1000_FMP_SERVICE_H */ -- -2.17.1 +2.38.1 diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch new file mode 100644 index 0000000000..87c053fcc6 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch @@ -0,0 +1,35 @@ +From 6d3cac6f3a6e977e9330c9c06514a372ade170a2 Mon Sep 17 00:00:00 2001 +From: Emekcan <emekcan.aras@arm.com> +Date: Wed, 2 Nov 2022 09:58:27 +0000 +Subject: [PATCH] smm_gateway: add checks for null attributes + +As par EDK-2 and EDK-2 test code, setVariable() with 0 +attributes means a delete variable request. Currently, +smm gatway doesn't handle this scenario. This commit adds +that support. + +Upstream-Status: Pending +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +--- + components/service/smm_variable/backend/uefi_variable_store.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/components/service/smm_variable/backend/uefi_variable_store.c b/components/service/smm_variable/backend/uefi_variable_store.c +index 6c3b9ed8..a691dc5d 100644 +--- a/components/service/smm_variable/backend/uefi_variable_store.c ++++ b/components/service/smm_variable/backend/uefi_variable_store.c +@@ -202,9 +202,9 @@ efi_status_t uefi_variable_store_set_variable( + if (info->is_variable_set) { + + /* It's a request to update to an existing variable */ +- if (!(var->Attributes & ++ if (!(var->Attributes) || (!(var->Attributes & + (EFI_VARIABLE_APPEND_WRITE | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS_MASK)) && +- !var->DataSize) { ++ !var->DataSize)) { + + /* It's a remove operation - for a remove, the variable + * data must be removed from the storage backend before +-- +2.17.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch new file mode 100644 index 0000000000..ed4e6e27a3 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch @@ -0,0 +1,33 @@ +From 2aa665ad2cb13bc79b645db41686449a47593aab Mon Sep 17 00:00:00 2001 +From: Emekcan <emekcan.aras@arm.com> +Date: Thu, 3 Nov 2022 17:43:40 +0000 +Subject: [PATCH] smm_gateway: GetNextVariableName Fix + +GetNextVariableName() should return EFI_BUFFER_TOO_SMALL +when NameSize is smaller than the actual NameSize. It +currently returns EFI_BUFFER_OUT_OF_RESOURCES due to setting +max_name_len incorrectly. This fixes max_name_len error by +replacing it with actual NameSize request by u-boot. + +Upstream-Status: Pending +Signed-off-by: Emekcan Aras <emekcan.aras@arm.com> +--- + .../service/smm_variable/provider/smm_variable_provider.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/components/service/smm_variable/provider/smm_variable_provider.c b/components/service/smm_variable/provider/smm_variable_provider.c +index a9679b7e..6a4b6fa7 100644 +--- a/components/service/smm_variable/provider/smm_variable_provider.c ++++ b/components/service/smm_variable/provider/smm_variable_provider.c +@@ -197,7 +197,7 @@ static rpc_status_t get_next_variable_name_handler(void *context, struct call_re + efi_status = uefi_variable_store_get_next_variable_name( + &this_instance->variable_store, + (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data, +- max_name_len, ++ ((SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data)->NameSize, + &resp_buf->data_len); + } + else { +-- +2.17.1 + diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/ts-psa-crypto-api-test/0001-corstone1000-port-crypto-config.patch b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/psa-apitest/0001-corstone1000-port-crypto-config.patch index c7289562bd..c7289562bd 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/ts-psa-crypto-api-test/0001-corstone1000-port-crypto-config.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/corstone1000/psa-apitest/0001-corstone1000-port-crypto-config.patch diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/libts_git.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/libts_git.bbappend new file mode 100644 index 0000000000..a885d38797 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/libts_git.bbappend @@ -0,0 +1,10 @@ +MACHINE_TS_REQUIRE ?= "" +MACHINE_TS_REQUIRE:corstone1000 = "ts-corstone1000.inc" + +require ${MACHINE_TS_REQUIRE} + + +EXTRA_OECMAKE:append:corstone1000 = "-DMM_COMM_BUFFER_ADDRESS=0x02000000 \ + -DMM_COMM_BUFFER_PAGE_COUNT=1 \ + " + diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc index 03f7dff2ef..e97fb5937a 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc @@ -1,29 +1,26 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/corstone1000:" -SRC_URI:append = " \ - file://0001-Add-openamp-to-SE-proxy-deployment.patch \ - file://0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch \ - file://0003-Add-openamp-rpc-caller.patch \ - file://0004-add-psa-client-definitions-for-ff-m.patch \ - file://0005-Add-common-service-component-to-ipc-support.patch \ - file://0006-Add-secure-storage-ipc-backend.patch \ - file://0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch \ - file://0008-Run-psa-arch-test.patch \ - file://0009-Use-address-instead-of-pointers.patch \ - file://0010-Add-psa-ipc-attestation-to-se-proxy.patch \ - file://0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch \ - file://0012-add-psa-ipc-crypto-backend.patch \ - file://0013-Add-stub-capsule-update-service-components.patch \ - file://0014-Configure-storage-size.patch \ - file://0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch \ - file://0016-Integrate-remaining-psa-ipc-client-APIs.patch \ - file://0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch \ - file://0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch \ - file://0019-plat-corstone1000-change-default-smm-values.patch \ - file://0020-FMP-Support-in-Corstone1000.patch \ - " - - -EXTRA_OECMAKE:append = "-DMM_COMM_BUFFER_ADDRESS="0x00000000 0x02000000" \ - -DMM_COMM_BUFFER_PAGE_COUNT="1" \ +SRC_URI:append:corstone1000 = " \ + file://0001-Add-openamp-to-SE-proxy-deployment.patch;patchdir=../trusted-services \ + file://0002-Implement-mhu-driver-and-the-OpenAmp-conversion-laye.patch;patchdir=../trusted-services \ + file://0003-Add-openamp-rpc-caller.patch;patchdir=../trusted-services \ + file://0004-add-psa-client-definitions-for-ff-m.patch;patchdir=../trusted-services \ + file://0005-Add-common-service-component-to-ipc-support.patch;patchdir=../trusted-services \ + file://0006-Add-secure-storage-ipc-backend.patch;patchdir=../trusted-services \ + file://0007-Use-secure-storage-ipc-and-openamp-for-se_proxy.patch;patchdir=../trusted-services \ + file://0008-Run-psa-arch-test.patch;patchdir=../trusted-services \ + file://0009-Use-address-instead-of-pointers.patch;patchdir=../trusted-services \ + file://0010-Add-psa-ipc-attestation-to-se-proxy.patch;patchdir=../trusted-services \ + file://0011-Setup-its-backend-as-openamp-rpc-using-secure-storag.patch;patchdir=../trusted-services;patchdir=../trusted-services \ + file://0012-add-psa-ipc-crypto-backend.patch;patchdir=../trusted-services \ + file://0013-Add-stub-capsule-update-service-components.patch;patchdir=../trusted-services \ + file://0014-Configure-storage-size.patch;patchdir=../trusted-services \ + file://0015-Fix-Crypto-interface-structure-aligned-with-tf-m-cha.patch;patchdir=../trusted-services;patchdir=../trusted-services \ + file://0016-Integrate-remaining-psa-ipc-client-APIs.patch;patchdir=../trusted-services \ + file://0017-Fix-update-psa_set_key_usage_flags-definition-to-the.patch;patchdir=../trusted-services;patchdir=../trusted-services \ + file://0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch;patchdir=../trusted-services \ + file://0019-plat-corstone1000-change-default-smm-values.patch;patchdir=../trusted-services \ + file://0020-FMP-Support-in-Corstone1000.patch;patchdir=../trusted-services \ + file://0021-smm_gateway-add-checks-for-null-attributes.patch;patchdir=../trusted-services \ + file://0022-GetNextVariableName-Fix.patch;patchdir=../trusted-services \ " diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-api-test.inc b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-api-test.inc new file mode 100644 index 0000000000..50ff960df5 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-api-test.inc @@ -0,0 +1,7 @@ +FILESEXTRAPATHS:prepend := "${THISDIR}/corstone1000/psa-apitest:" + +include ts-corstone1000.inc + +SRC_URI:append:corstone1000 = " \ + file://0001-corstone1000-port-crypto-config.patch;patchdir=../psatest \ + " diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bbappend index 6595c92a28..ea49213e89 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-crypto-api-test_git.bbappend @@ -1,7 +1 @@ -FILESEXTRAPATHS:prepend := "${THISDIR}/corstone1000:" -FILESEXTRAPATHS:prepend := "${THISDIR}/corstone1000/${PN}:" - -SRC_URI:append:corstone1000 = " \ - file://0001-corstone1000-port-crypto-config.patch;patchdir=../psatest \ - file://0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch;patchdir=../trusted-services \ - " +require ts-psa-api-test.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-iat-api-test_git.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-iat-api-test_git.bbappend new file mode 100644 index 0000000000..ea49213e89 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-iat-api-test_git.bbappend @@ -0,0 +1 @@ +require ts-psa-api-test.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-its-api-test_git.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-its-api-test_git.bbappend new file mode 100644 index 0000000000..ea49213e89 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-its-api-test_git.bbappend @@ -0,0 +1 @@ +require ts-psa-api-test.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-ps-api-test_git.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-ps-api-test_git.bbappend new file mode 100644 index 0000000000..ea49213e89 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-psa-ps-api-test_git.bbappend @@ -0,0 +1 @@ +require ts-psa-api-test.inc diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend index 8a37a28175..f39d2395f5 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-se-proxy_%.bbappend @@ -2,3 +2,8 @@ MACHINE_TS_REQUIRE ?= "" MACHINE_TS_REQUIRE:corstone1000 = "ts-corstone1000.inc" require ${MACHINE_TS_REQUIRE} + +EXTRA_OECMAKE:append:corstone1000 = " -DMM_COMM_BUFFER_ADDRESS="0x00000000 0x02000000" \ + -DMM_COMM_BUFFER_PAGE_COUNT="1" \ + " + diff --git a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend index 8a37a28175..f39d2395f5 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/trusted-services/ts-sp-smm-gateway_%.bbappend @@ -2,3 +2,8 @@ MACHINE_TS_REQUIRE ?= "" MACHINE_TS_REQUIRE:corstone1000 = "ts-corstone1000.inc" require ${MACHINE_TS_REQUIRE} + +EXTRA_OECMAKE:append:corstone1000 = " -DMM_COMM_BUFFER_ADDRESS="0x00000000 0x02000000" \ + -DMM_COMM_BUFFER_PAGE_COUNT="1" \ + " + |