From fc7e7973f3119e2bad511209aa336537dc5ffbed Mon Sep 17 00:00:00 2001 From: Andrew Geissler Date: Mon, 11 Sep 2023 08:24:07 -0400 Subject: subtree updates meta-security: b9bc938785..1856a7cf43: Armin Kuster (1): scap-security-guide: update to 0.1.69+ Lei Maohui (2): paxctl: Fix do_package QA Issue. ccs-tools: Fix do_package QA Issue. Martin Jansa (1): layer.conf: update LAYERSERIES_COMPAT for nanbield Yi Zhao (1): scap-security-guide: pass the correct cpe/schemas/xsl paths to oscap meta-arm: 992c07f7c0..bd0953cc60: Abdellatif El Khlifi (1): arm-bsp/u-boot: corstone1000: detect the kernel size automatically Anusmita Dutta Mazumder (5): arm-bsp/u-boot: corstone1000: add unique firmware GUID arm-bsp/trusted-firmware-m: corstone1000: add unique firmware GUID arm-bsp/scp-firmware: Update N1SDP scp-firmware version arm-bsp/n1sdp: Enable tests with pseudo trusted application CI: Build custom image for N1SDP optee-xtest Delane Brandy (1): arm-bsp/corstone1000: mmc2-enablement Emekcan Aras (2): arm-bsp/trusted-firmware-a: corstone1000: Update TF-A v2.9 arm-bsp/optee-os: corstone1000: Update optee-os v3.22 Javier Tia (1): optee-client: Add path condition to tee-supplicant.service Jon Mason (14): arm/trusted-firmware-a: update to 2.9.0 arm-bsp/juno: update kernel to 6.4 arm/linux-yocto: change defconfig patch for 6.4 arm/hafnium: update to v2.8 arm/linux-yocto: update kernel patches arm/trusted-services: add SRCREV_FORMAT arm-bsp/tc1: update optee arm-bsp/fvp-baser-aemv8r64: update u-boot to 2023.01 arm-bsp/corstone500: upgrade u-boot to the latest arm-bsp/corstone500: removal of support arm: patch clean-ups arm/edk2: update to 202305 version arm/sbsa-acs: update to v7.1.2 arm-bsp/trusted-firmware-a: remove unneeded patches Mariam Elshakfy (2): arm-bsp/trusted-firmware-a: Update TF-A version for N1SDP arm-bsp/n1sdp: Update edk2-firmware version for N1SDP to 202305 Ross Burton (3): kas/: pass through DISPLAY from environment Remove explicit SRCPV arm-bsp/external-system: set PACKAGE_ARCH as this is machine-specific meta-raspberrypi: 5e2f79a6fa..6501ec892c: Andrei Gherzan (2): ci: Add usrmerge to distro features docs: Fix documentation theme Sangmo Kang (1): omxplayer: fix an error caused by new srcrev fetcher API Signed-off-by: Andrew Geissler --- .../optee-os/tc/0001-WIP-Enable-managed-exit.patch | 24 ++- ...at-totalcompute-fix-TZDRAM-start-and-size.patch | 44 ++---- .../optee/optee-client/tee-supplicant.service | 1 + .../optee/optee-os-corstone1000-common.inc | 6 - .../recipes-security/optee/optee-os-generic-tc.inc | 14 -- .../recipes-security/optee/optee-os-n1sdp.inc | 2 + .../optee/optee-os-tadevkit_3.18.0.bbappend | 2 +- .../recipes-security/optee/optee-os-tc.inc | 12 +- .../optee/optee-os_3.20.0.bbappend | 2 +- .../optee/optee-os_3.22.0.bbappend | 6 + ...ssion_1000-remove-unneeded-stat.h-include.patch | 34 +++++ ...d-arm_ffa_user-driver-compatibility-check.patch | 160 ++++++++++++++++++++ ...003-Update-arm_ffa_user-driver-dependency.patch | 36 +++++ .../Update-arm_ffa_user-driver-dependency.patch | 39 ----- ...d-arm_ffa_user-driver-compatibility-check.patch | 163 --------------------- .../optee/optee-test/musl-workaround.patch | 24 --- .../recipes-security/optee/optee-test_3.18.0.bb | 2 +- .../optee/optee-test_3.18.0.bbappend | 1 - .../recipes-security/optee/optee-test_3.20.0.bb | 6 +- .../optee/optee-test_3.20.0.bbappend | 6 + 20 files changed, 287 insertions(+), 297 deletions(-) delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-generic-tc.inc create mode 100644 meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bbappend create mode 100644 meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch create mode 100644 meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0002-ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch create mode 100644 meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0003-Update-arm_ffa_user-driver-dependency.patch delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/Update-arm_ffa_user-driver-dependency.patch delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch delete mode 100644 meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/musl-workaround.patch create mode 100644 meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bbappend (limited to 'meta-arm/meta-arm-bsp/recipes-security/optee') diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0001-WIP-Enable-managed-exit.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0001-WIP-Enable-managed-exit.patch index 0f0a76e4f1..4571409bc6 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0001-WIP-Enable-managed-exit.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0001-WIP-Enable-managed-exit.patch @@ -1,7 +1,7 @@ -From 34db1357ab3192f18629ceadf4ea33b948513fec Mon Sep 17 00:00:00 2001 +From f449f6fdcbd987e18a26f0daeccfa447fe76821a Mon Sep 17 00:00:00 2001 From: Olivier Deprez Date: Mon, 16 Nov 2020 10:14:02 +0100 -Subject: [PATCH 1/2] WIP: Enable managed exit +Subject: [PATCH] WIP: Enable managed exit This change declares OP-TEE SP as supporting managed exit in response to a NS interrupt triggering while the SWd runs. @@ -23,6 +23,7 @@ Signed-off-by: Arunachalam Ganapathy Upstream-Status: Pending [Not submitted to upstream yet] Signed-off-by: Arunachalam Ganapathy + --- core/arch/arm/kernel/boot.c | 12 ++++++++++++ core/arch/arm/kernel/thread_a64.S | 11 ++++++++++- @@ -31,10 +32,10 @@ Signed-off-by: Arunachalam Ganapathy 4 files changed, 34 insertions(+), 1 deletion(-) diff --git a/core/arch/arm/kernel/boot.c b/core/arch/arm/kernel/boot.c -index f173384d..466c042e 100644 +index dd34173e8..7d2ac74e8 100644 --- a/core/arch/arm/kernel/boot.c +++ b/core/arch/arm/kernel/boot.c -@@ -1350,6 +1350,18 @@ static void init_secondary_helper(unsigned long nsec_entry) +@@ -1424,6 +1424,18 @@ static void init_secondary_helper(unsigned long nsec_entry) init_vfp_sec(); init_vfp_nsec(); @@ -54,10 +55,10 @@ index f173384d..466c042e 100644 } diff --git a/core/arch/arm/kernel/thread_a64.S b/core/arch/arm/kernel/thread_a64.S -index d6baee4d..1b0c8f37 100644 +index 4fa97de24..4facc7631 100644 --- a/core/arch/arm/kernel/thread_a64.S +++ b/core/arch/arm/kernel/thread_a64.S -@@ -1087,6 +1087,14 @@ END_FUNC el0_sync_abort +@@ -1162,6 +1162,14 @@ END_FUNC el0_sync_abort bl dcache_op_louis ic iallu #endif @@ -72,7 +73,7 @@ index d6baee4d..1b0c8f37 100644 /* * Mark current thread as suspended */ -@@ -1204,8 +1212,9 @@ LOCAL_FUNC elx_irq , : +@@ -1318,8 +1326,9 @@ LOCAL_FUNC elx_irq , : #endif END_FUNC elx_irq @@ -84,10 +85,10 @@ index d6baee4d..1b0c8f37 100644 #else native_intr_handler fiq diff --git a/core/arch/arm/kernel/thread_spmc.c b/core/arch/arm/kernel/thread_spmc.c -index ea9e8f03..15577e7e 100644 +index 3b4ac0b4e..8f7c18dfa 100644 --- a/core/arch/arm/kernel/thread_spmc.c +++ b/core/arch/arm/kernel/thread_spmc.c -@@ -1518,6 +1518,17 @@ static TEE_Result spmc_init(void) +@@ -1517,6 +1517,17 @@ static TEE_Result spmc_init(void) my_endpoint_id = spmc_get_id(); DMSG("My endpoint ID %#x", my_endpoint_id); @@ -106,7 +107,7 @@ index ea9e8f03..15577e7e 100644 } #endif /* !defined(CFG_CORE_SEL1_SPMC) */ diff --git a/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts b/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts -index 0bfe33f3..00cfa5b2 100644 +index 3ebbaddc8..56e69f372 100644 --- a/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts +++ b/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts @@ -24,6 +24,7 @@ @@ -117,6 +118,3 @@ index 0bfe33f3..00cfa5b2 100644 device-regions { compatible = "arm,ffa-manifest-device-regions"; --- -2.34.1 - diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0002-plat-totalcompute-fix-TZDRAM-start-and-size.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0002-plat-totalcompute-fix-TZDRAM-start-and-size.patch index ff7f513357..c516be4638 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0002-plat-totalcompute-fix-TZDRAM-start-and-size.patch +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0002-plat-totalcompute-fix-TZDRAM-start-and-size.patch @@ -1,23 +1,23 @@ -From 35dba075593cb32c62b881e7763fcf0ea37908f7 Mon Sep 17 00:00:00 2001 -From: Arunachalam Ganapathy -Date: Mon, 23 May 2022 11:32:41 +0100 -Subject: [PATCH 2/2] plat-totalcompute: fix TZDRAM start and size +From 5ddda749c60dce834bcd79e8b8d904858319adc0 Mon Sep 17 00:00:00 2001 +From: Rupinderjit Singh +Date: Tue, 7 Feb 2023 09:45:02 +0000 +Subject: [PATCH] plat-totalcompute: update TZDRAM_SIZE -- Fix TZDRAM_SIZE in TC platform -- For CFG_CORE_SEL2_SPMC, manifest size is increased from 0x1000 to - 0x4000 for boot protocol support. +For CFG_CORE_SEL2_SPMC, manifest size is increased from 0x1000 to +0x4000 for boot protocol support. -Upstream-Status: Pending [Not submitted to upstream yet] +Signed-off-by: Rupinderjit Singh +Acked-by: Jens Wiklander + +Upstream-Status: Backport +Signed-off-by: Jon Mason -Signed-off-by: Arunachalam Ganapathy -Change-Id: Iff19c498e9edae961f469604d69419c1a32145f5 --- - core/arch/arm/plat-totalcompute/conf.mk | 5 +++-- - core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts | 2 +- - 2 files changed, 4 insertions(+), 3 deletions(-) + core/arch/arm/plat-totalcompute/conf.mk | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/core/arch/arm/plat-totalcompute/conf.mk b/core/arch/arm/plat-totalcompute/conf.mk -index b39ac0f0..2f6c0ee1 100644 +index b39ac0f0667f..2f6c0ee1460a 100644 --- a/core/arch/arm/plat-totalcompute/conf.mk +++ b/core/arch/arm/plat-totalcompute/conf.mk @@ -32,8 +32,9 @@ ifeq ($(CFG_CORE_SEL1_SPMC),y) @@ -32,19 +32,3 @@ index b39ac0f0..2f6c0ee1 100644 else CFG_TZDRAM_START ?= 0xff000000 CFG_TZDRAM_SIZE ?= 0x01000000 -diff --git a/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts b/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts -index 00cfa5b2..56e69f37 100644 ---- a/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts -+++ b/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts -@@ -20,7 +20,7 @@ - exception-level = <2>; /* S-EL1 */ - execution-state = <0>; /* AARCH64 */ - load-address = <0xfd280000>; -- entrypoint-offset = <0x1000>; -+ entrypoint-offset = <0x4000>; - xlat-granule = <0>; /* 4KiB */ - boot-order = <0>; - messaging-method = <0x3>; /* Direct request/response supported */ --- -2.34.1 - diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-client/tee-supplicant.service b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-client/tee-supplicant.service index c273832d72..6b00df7421 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-client/tee-supplicant.service +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-client/tee-supplicant.service @@ -1,5 +1,6 @@ [Unit] Description=TEE Supplicant +ConditionPathExistsGlob=/dev/teepriv[0-9]* [Service] User=root diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-corstone1000-common.inc b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-corstone1000-common.inc index 1f028ffa37..eaee7ae91c 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-corstone1000-common.inc +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-corstone1000-common.inc @@ -1,9 +1,3 @@ -SRC_URI:remove = " \ - file://0003-core-link-add-no-warn-rwx-segments.patch \ - file://0007-core-spmc-handle-non-secure-interrupts.patch \ - file://0008-core-spmc-configure-SP-s-NS-interrupt-action-based-o.patch \ - " - COMPATIBLE_MACHINE = "corstone1000" OPTEEMACHINE = "corstone1000" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-generic-tc.inc b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-generic-tc.inc deleted file mode 100644 index 31f1915868..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-generic-tc.inc +++ /dev/null @@ -1,14 +0,0 @@ -# Total Compute (tc) specific configuration for optee-os and optee-os-tadevkit - -FILESEXTRAPATHS:prepend := "${THISDIR}/files/optee-os/tc:" -SRC_URI:append:tc = " \ - file://sp_layout.json \ - file://0001-WIP-Enable-managed-exit.patch \ - file://0002-plat-totalcompute-fix-TZDRAM-start-and-size.patch \ - " - -COMPATIBLE_MACHINE = "(tc?)" - -OPTEEMACHINE:tc0 = "totalcompute-tc0" -OPTEEMACHINE:tc1 = "totalcompute-tc1" - diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc index a40c93dcba..80a11b5330 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc @@ -27,3 +27,5 @@ EXTRA_OEMAKE += " CFG_DT=y" EXTRA_OEMAKE += " CFG_SECURE_PARTITION=y" EXTRA_OEMAKE += " CFG_MAP_EXT_DT_SECURE=y" + +EXTRA_OEMAKE += " CFG_ENABLE_EMBEDDED_TESTS=y" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend index 6a22d47ef1..0cb9b05e0b 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend @@ -1,6 +1,6 @@ # Machine specific configurations MACHINE_OPTEE_OS_TADEVKIT_REQUIRE ?= "" -MACHINE_OPTEE_OS_TADEVKIT_REQUIRE:tc = "optee-os-generic-tc.inc" +MACHINE_OPTEE_OS_TADEVKIT_REQUIRE:tc = "optee-os-tc.inc" require ${MACHINE_OPTEE_OS_TADEVKIT_REQUIRE} diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tc.inc b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tc.inc index 793665222b..c4049f5afb 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tc.inc +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-tc.inc @@ -1,6 +1,16 @@ # TC0 specific configuration -require optee-os-generic-tc.inc +# Total Compute (tc) specific configuration for optee-os and optee-os-tadevkit + +FILESEXTRAPATHS:prepend := "${THISDIR}/files/optee-os/tc:" +SRC_URI:append:tc = " file://sp_layout.json \ + file://0001-WIP-Enable-managed-exit.patch \ + file://0002-plat-totalcompute-fix-TZDRAM-start-and-size.patch \ + " + +COMPATIBLE_MACHINE = "(tc?)" + +OPTEEMACHINE:tc1 = "totalcompute-tc1" # Enable optee memory layout and boot logs EXTRA_OEMAKE += " CFG_TEE_CORE_LOG_LEVEL=3" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bbappend b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bbappend index b5493e5e2a..bc933dd54c 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bbappend @@ -1,7 +1,7 @@ # Machine specific configurations MACHINE_OPTEE_OS_REQUIRE ?= "" -MACHINE_OPTEE_OS_REQUIRE:corstone1000 = "optee-os-corstone1000-common.inc" MACHINE_OPTEE_OS_REQUIRE:n1sdp = "optee-os-n1sdp.inc" +MACHINE_OPTEE_OS_REQUIRE:tc = "optee-os-tc.inc" require ${MACHINE_OPTEE_OS_REQUIRE} diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bbappend b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bbappend new file mode 100644 index 0000000000..e732c80f88 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os_3.22.0.bbappend @@ -0,0 +1,6 @@ +# Machine specific configurations + +MACHINE_OPTEE_OS_REQUIRE ?= "" +MACHINE_OPTEE_OS_REQUIRE:corstone1000 = "optee-os-corstone1000-common.inc" + +require ${MACHINE_OPTEE_OS_REQUIRE} diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch new file mode 100644 index 0000000000..98c49a2087 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch @@ -0,0 +1,34 @@ +From 53642dc98630b9c725977ab935c5bdd9c401e1aa Mon Sep 17 00:00:00 2001 +From: Jon Mason +Date: Sat, 15 Jul 2023 15:08:43 -0400 +Subject: [PATCH] xtest: regression_1000: remove unneeded stat.h include + +Hack to work around musl compile error: + In file included from optee-test/3.17.0-r0/recipe-sysroot/usr/include/sys/stat.h:23, + from optee-test/3.17.0-r0/git/host/xtest/regression_1000.c:25: + optee-test/3.17.0-r0/recipe-sysroot/usr/include/bits/stat.h:17:26: error: expected identifier or '(' before '[' token + 17 | unsigned __unused[2]; + | ^ + +stat.h is not needed, since it is not being used in this file. So removing it. + +Upstream-Status: Backport +Signed-off-by: Jon Mason +Reviewed-by: Jerome Forissier +Acked-by: Jens Wiklander +--- + host/xtest/regression_1000.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/host/xtest/regression_1000.c b/host/xtest/regression_1000.c +index de32c4184fd8..25b4721cdc45 100644 +--- a/host/xtest/regression_1000.c ++++ b/host/xtest/regression_1000.c +@@ -22,7 +22,6 @@ + #include + #include + #include +-#include + #include + #include + #include diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0002-ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0002-ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch new file mode 100644 index 0000000000..24cdf0ad1a --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0002-ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch @@ -0,0 +1,160 @@ +From 717ff43f0d58e5f5a87893bd0cf3274a1e0164dc Mon Sep 17 00:00:00 2001 +From: Gabor Toth +Date: Fri, 3 Mar 2023 12:25:58 +0100 +Subject: [PATCH] ffa_spmc: Add arm_ffa_user driver compatibility check + +Check the version of the arm_ffa_user Kernel Driver and fail with a +meaningful message if incompatible driver is detected. + +Upstream-Status: Backport + +Signed-off-by: Gabor Toth +Acked-by: Jens Wiklander +--- + host/xtest/ffa_spmc_1000.c | 68 ++++++++++++++++++++++++++++++++++---- + 1 file changed, 61 insertions(+), 7 deletions(-) + +diff --git a/host/xtest/ffa_spmc_1000.c b/host/xtest/ffa_spmc_1000.c +index 15f4a468a775..1839d03f29be 100644 +--- a/host/xtest/ffa_spmc_1000.c ++++ b/host/xtest/ffa_spmc_1000.c +@@ -1,11 +1,12 @@ + // SPDX-License-Identifier: BSD-3-Clause + /* +- * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved. ++ * Copyright (c) 2022-2023, Arm Limited and Contributors. All rights reserved. + */ + #include + #include + #include + #include ++#include + #include + #include + #include "include/uapi/linux/arm_ffa_user.h" +@@ -17,6 +18,10 @@ + #define INCORRECT_ENDPOINT_ID 0xffff + #define NORMAL_WORLD_ENDPOINT_ID 0 + ++#define FFA_USER_REQ_VER_MAJOR 5 ++#define FFA_USER_REQ_VER_MINOR 0 ++#define FFA_USER_REQ_VER_PATCH 1 ++ + /* Get the 32 least significant bits of a handle.*/ + #define MEM_SHARE_HANDLE_LOW(x) ((x) & 0xffffffff) + /* Get the 32 most significant bits of a handle.*/ +@@ -62,6 +67,50 @@ static struct ffa_ioctl_ep_desc test_endpoint3 = { + .uuid_ptr = (uint64_t)test_endpoint3_uuid, + }; + ++static bool check_ffa_user_version(void) ++{ ++ FILE *f = NULL; ++ int ver_major = -1; ++ int ver_minor = -1; ++ int ver_patch = -1; ++ int scan_cnt = 0; ++ ++ f = fopen("/sys/module/arm_ffa_user/version", "r"); ++ if (f) { ++ scan_cnt = fscanf(f, "%d.%d.%d", ++ &ver_major, &ver_minor, &ver_patch); ++ fclose(f); ++ if (scan_cnt != 3) { ++ printf("error: failed to parse arm_ffa_user version\n"); ++ return false; ++ } ++ } else { ++ printf("error: failed to read arm_ffa_user module info - %s\n", ++ strerror(errno)); ++ return false; ++ } ++ ++ if (ver_major != FFA_USER_REQ_VER_MAJOR) ++ goto err; ++ ++ if (ver_minor < FFA_USER_REQ_VER_MINOR) ++ goto err; ++ ++ if (ver_minor == FFA_USER_REQ_VER_MINOR) ++ if (ver_patch < FFA_USER_REQ_VER_PATCH) ++ goto err; ++ ++ return true; ++ ++err: ++ printf("error: Incompatible arm_ffa_user driver detected."); ++ printf("Found v%d.%d.%d wanted >= v%d.%d.%d)\n", ++ ver_major, ver_minor, ver_patch, FFA_USER_REQ_VER_MAJOR, ++ FFA_USER_REQ_VER_MINOR, FFA_USER_REQ_VER_PATCH); ++ ++ return false; ++} ++ + static void close_debugfs(void) + { + int err = 0; +@@ -76,6 +125,9 @@ static void close_debugfs(void) + + static bool init_sp_xtest(ADBG_Case_t *c) + { ++ if (!check_ffa_user_version()) ++ return false; ++ + if (ffa_fd < 0) { + ffa_fd = open(FFA_DRIVER_FS_PATH, O_RDWR); + if (ffa_fd < 0) { +@@ -83,6 +135,7 @@ static bool init_sp_xtest(ADBG_Case_t *c) + return false; + } + } ++ + return true; + } + +@@ -99,7 +152,7 @@ static uint16_t get_endpoint_id(uint64_t endp) + struct ffa_ioctl_ep_desc sid = { .uuid_ptr = endp }; + + /* Get ID of destination SP based on UUID */ +- if(ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid)) ++ if (ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid)) + return INCORRECT_ENDPOINT_ID; + + return sid.id; +@@ -213,14 +266,15 @@ static int set_up_mem(struct ffa_ioctl_ep_desc *endp, + rc = share_mem(endpoint, handle); + ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0); + +- if (!ADBG_EXPECT_TRUE(c, handle != NULL)) +- return TEEC_ERROR_GENERIC; ++ if (!ADBG_EXPECT_NOT_NULL(c, handle)) ++ return TEEC_ERROR_GENERIC; + + /* SP will retrieve the memory region. */ + memset(args, 0, sizeof(*args)); + args->dst_id = endpoint; + args->args[MEM_SHARE_HANDLE_LOW_INDEX] = MEM_SHARE_HANDLE_LOW(*handle); +- args->args[MEM_SHARE_HANDLE_HIGH_INDEX] = MEM_SHARE_HANDLE_HIGH(*handle); ++ args->args[MEM_SHARE_HANDLE_HIGH_INDEX] = ++ MEM_SHARE_HANDLE_HIGH(*handle); + args->args[MEM_SHARE_HANDLE_ENDPOINT_INDEX] = NORMAL_WORLD_ENDPOINT_ID; + + rc = start_sp_test(endpoint, EP_RETRIEVE, args); +@@ -254,7 +308,7 @@ static void xtest_ffa_spmc_test_1002(ADBG_Case_t *c) + rc = start_sp_test(endpoint1_id, EP_TEST_SP, &args); + ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0); + if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK)) +- goto out; ++ goto out; + + /* Set up memory and have the SP retrieve it. */ + Do_ADBG_BeginSubCase(c, "Test memory set-up"); +@@ -469,7 +523,7 @@ static void xtest_ffa_spmc_test_1005(ADBG_Case_t *c) + memset(&args, 0, sizeof(args)); + args.args[1] = endpoint2; + args.args[2] = endpoint3; +- rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI,&args); ++ rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI, &args); + ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0); + ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK); + diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0003-Update-arm_ffa_user-driver-dependency.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0003-Update-arm_ffa_user-driver-dependency.patch new file mode 100644 index 0000000000..44d9f9477d --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/0003-Update-arm_ffa_user-driver-dependency.patch @@ -0,0 +1,36 @@ +From 3de910a19f01a2a9e1c9a6bd6feee1aef547f676 Mon Sep 17 00:00:00 2001 +From: Gabor Toth +Date: Fri, 3 Mar 2023 12:23:45 +0100 +Subject: [PATCH] Update arm_ffa_user driver dependency + +Updating arm-ffa-user to v5.0.1 to get the following changes: + - move to 64 bit direct messages + - add Linux Kernel v6.1 compatibility +The motivation is to update x-test to depend on the same driver +version as TS uefi-test and thus to enable running these in a single +configuration. +Note: arm_ffa_user.h was copied from: + - URL:https://git.gitlab.arm.com/linux-arm/linux-trusted-services.git + - SHA:18e3be71f65a405dfb5d97603ae71b3c11759861 + +Upstream-Status: Backport + +Signed-off-by: Gabor Toth +Acked-by: Jens Wiklander +--- + host/xtest/include/uapi/linux/arm_ffa_user.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/host/xtest/include/uapi/linux/arm_ffa_user.h b/host/xtest/include/uapi/linux/arm_ffa_user.h +index 9ef0be3e1664..0acde4fb2020 100644 +--- a/host/xtest/include/uapi/linux/arm_ffa_user.h ++++ b/host/xtest/include/uapi/linux/arm_ffa_user.h +@@ -33,7 +33,7 @@ struct ffa_ioctl_ep_desc { + * @dst_id: [in] 16-bit ID of destination endpoint. + */ + struct ffa_ioctl_msg_args { +- __u32 args[5]; ++ __u64 args[5]; + __u16 dst_id; + }; + #define FFA_IOC_MSG_SEND _IOWR(FFA_IOC_MAGIC, FFA_IOC_BASE + 1, \ diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/Update-arm_ffa_user-driver-dependency.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/Update-arm_ffa_user-driver-dependency.patch deleted file mode 100644 index e889f74051..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/Update-arm_ffa_user-driver-dependency.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 7e15470f3dd45c844f0e0901f0c85c46a0882b8b Mon Sep 17 00:00:00 2001 -From: Gabor Toth -Date: Fri, 3 Mar 2023 12:23:45 +0100 -Subject: [PATCH 1/2] Update arm_ffa_user driver dependency - -Updating arm-ffa-user to v5.0.1 to get the following changes: - - move to 64 bit direct messages - - add Linux Kernel v6.1 compatibility -The motivation is to update x-test to depend on the same driver -version as TS uefi-test and thus to enable running these in a single -configuration. -Note: arm_ffa_user.h was copied from: - - URL:https://git.gitlab.arm.com/linux-arm/linux-trusted-services.git - - SHA:18e3be71f65a405dfb5d97603ae71b3c11759861 - -Upstream-Status: Backport - -Signed-off-by: Gabor Toth -Acked-by: Jens Wiklander ---- - host/xtest/include/uapi/linux/arm_ffa_user.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/host/xtest/include/uapi/linux/arm_ffa_user.h b/host/xtest/include/uapi/linux/arm_ffa_user.h -index 9ef0be3..0acde4f 100644 ---- a/host/xtest/include/uapi/linux/arm_ffa_user.h -+++ b/host/xtest/include/uapi/linux/arm_ffa_user.h -@@ -33,7 +33,7 @@ struct ffa_ioctl_ep_desc { - * @dst_id: [in] 16-bit ID of destination endpoint. - */ - struct ffa_ioctl_msg_args { -- __u32 args[5]; -+ __u64 args[5]; - __u16 dst_id; - }; - #define FFA_IOC_MSG_SEND _IOWR(FFA_IOC_MAGIC, FFA_IOC_BASE + 1, \ --- -2.39.1.windows.1 - diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch deleted file mode 100644 index d333e860a7..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch +++ /dev/null @@ -1,163 +0,0 @@ -From 6734d14cc249af37705129de7874533df9535cd3 Mon Sep 17 00:00:00 2001 -From: Gabor Toth -Date: Fri, 3 Mar 2023 12:25:58 +0100 -Subject: [PATCH 2/2] ffa_spmc: Add arm_ffa_user driver compatibility check - -Check the version of the arm_ffa_user Kernel Driver and fail with a -meaningful message if incompatible driver is detected. - -Upstream-Status: Backport - -Signed-off-by: Gabor Toth -Acked-by: Jens Wiklander ---- - host/xtest/ffa_spmc_1000.c | 68 ++++++++++++++++++++++++++++++++++---- - 1 file changed, 61 insertions(+), 7 deletions(-) - -diff --git a/host/xtest/ffa_spmc_1000.c b/host/xtest/ffa_spmc_1000.c -index 15f4a46..1839d03 100644 ---- a/host/xtest/ffa_spmc_1000.c -+++ b/host/xtest/ffa_spmc_1000.c -@@ -1,11 +1,12 @@ - // SPDX-License-Identifier: BSD-3-Clause - /* -- * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved. -+ * Copyright (c) 2022-2023, Arm Limited and Contributors. All rights reserved. - */ - #include - #include - #include - #include -+#include - #include - #include - #include "include/uapi/linux/arm_ffa_user.h" -@@ -17,6 +18,10 @@ - #define INCORRECT_ENDPOINT_ID 0xffff - #define NORMAL_WORLD_ENDPOINT_ID 0 - -+#define FFA_USER_REQ_VER_MAJOR 5 -+#define FFA_USER_REQ_VER_MINOR 0 -+#define FFA_USER_REQ_VER_PATCH 1 -+ - /* Get the 32 least significant bits of a handle.*/ - #define MEM_SHARE_HANDLE_LOW(x) ((x) & 0xffffffff) - /* Get the 32 most significant bits of a handle.*/ -@@ -62,6 +67,50 @@ static struct ffa_ioctl_ep_desc test_endpoint3 = { - .uuid_ptr = (uint64_t)test_endpoint3_uuid, - }; - -+static bool check_ffa_user_version(void) -+{ -+ FILE *f = NULL; -+ int ver_major = -1; -+ int ver_minor = -1; -+ int ver_patch = -1; -+ int scan_cnt = 0; -+ -+ f = fopen("/sys/module/arm_ffa_user/version", "r"); -+ if (f) { -+ scan_cnt = fscanf(f, "%d.%d.%d", -+ &ver_major, &ver_minor, &ver_patch); -+ fclose(f); -+ if (scan_cnt != 3) { -+ printf("error: failed to parse arm_ffa_user version\n"); -+ return false; -+ } -+ } else { -+ printf("error: failed to read arm_ffa_user module info - %s\n", -+ strerror(errno)); -+ return false; -+ } -+ -+ if (ver_major != FFA_USER_REQ_VER_MAJOR) -+ goto err; -+ -+ if (ver_minor < FFA_USER_REQ_VER_MINOR) -+ goto err; -+ -+ if (ver_minor == FFA_USER_REQ_VER_MINOR) -+ if (ver_patch < FFA_USER_REQ_VER_PATCH) -+ goto err; -+ -+ return true; -+ -+err: -+ printf("error: Incompatible arm_ffa_user driver detected."); -+ printf("Found v%d.%d.%d wanted >= v%d.%d.%d)\n", -+ ver_major, ver_minor, ver_patch, FFA_USER_REQ_VER_MAJOR, -+ FFA_USER_REQ_VER_MINOR, FFA_USER_REQ_VER_PATCH); -+ -+ return false; -+} -+ - static void close_debugfs(void) - { - int err = 0; -@@ -76,6 +125,9 @@ static void close_debugfs(void) - - static bool init_sp_xtest(ADBG_Case_t *c) - { -+ if (!check_ffa_user_version()) -+ return false; -+ - if (ffa_fd < 0) { - ffa_fd = open(FFA_DRIVER_FS_PATH, O_RDWR); - if (ffa_fd < 0) { -@@ -83,6 +135,7 @@ static bool init_sp_xtest(ADBG_Case_t *c) - return false; - } - } -+ - return true; - } - -@@ -99,7 +152,7 @@ static uint16_t get_endpoint_id(uint64_t endp) - struct ffa_ioctl_ep_desc sid = { .uuid_ptr = endp }; - - /* Get ID of destination SP based on UUID */ -- if(ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid)) -+ if (ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid)) - return INCORRECT_ENDPOINT_ID; - - return sid.id; -@@ -213,14 +266,15 @@ static int set_up_mem(struct ffa_ioctl_ep_desc *endp, - rc = share_mem(endpoint, handle); - ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0); - -- if (!ADBG_EXPECT_TRUE(c, handle != NULL)) -- return TEEC_ERROR_GENERIC; -+ if (!ADBG_EXPECT_NOT_NULL(c, handle)) -+ return TEEC_ERROR_GENERIC; - - /* SP will retrieve the memory region. */ - memset(args, 0, sizeof(*args)); - args->dst_id = endpoint; - args->args[MEM_SHARE_HANDLE_LOW_INDEX] = MEM_SHARE_HANDLE_LOW(*handle); -- args->args[MEM_SHARE_HANDLE_HIGH_INDEX] = MEM_SHARE_HANDLE_HIGH(*handle); -+ args->args[MEM_SHARE_HANDLE_HIGH_INDEX] = -+ MEM_SHARE_HANDLE_HIGH(*handle); - args->args[MEM_SHARE_HANDLE_ENDPOINT_INDEX] = NORMAL_WORLD_ENDPOINT_ID; - - rc = start_sp_test(endpoint, EP_RETRIEVE, args); -@@ -254,7 +308,7 @@ static void xtest_ffa_spmc_test_1002(ADBG_Case_t *c) - rc = start_sp_test(endpoint1_id, EP_TEST_SP, &args); - ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0); - if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK)) -- goto out; -+ goto out; - - /* Set up memory and have the SP retrieve it. */ - Do_ADBG_BeginSubCase(c, "Test memory set-up"); -@@ -469,7 +523,7 @@ static void xtest_ffa_spmc_test_1005(ADBG_Case_t *c) - memset(&args, 0, sizeof(args)); - args.args[1] = endpoint2; - args.args[2] = endpoint3; -- rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI,&args); -+ rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI, &args); - ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0); - ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK); - --- -2.39.1.windows.1 - diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/musl-workaround.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/musl-workaround.patch deleted file mode 100644 index eed1bd4be1..0000000000 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/musl-workaround.patch +++ /dev/null @@ -1,24 +0,0 @@ -Hack to work around musl compile error: - In file included from optee-test/3.17.0-r0/recipe-sysroot/usr/include/sys/stat.h:23, - from optee-test/3.17.0-r0/git/host/xtest/regression_1000.c:25: - optee-test/3.17.0-r0/recipe-sysroot/usr/include/bits/stat.h:17:26: error: expected identifier or '(' before '[' token - 17 | unsigned __unused[2]; - | ^ - -stat.h is not needed, since it is not being used in this file. So removing it. - -Upstream-Status: Pending [Not submitted to upstream yet] -Signed-off-by: Jon Mason - -diff --git a/host/xtest/regression_1000.c b/host/xtest/regression_1000.c -index 4264884..7f1baca 100644 ---- a/host/xtest/regression_1000.c -+++ b/host/xtest/regression_1000.c -@@ -22,7 +22,6 @@ - #include - #include - #include --#include - #include - #include - #include diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb index 436733ea09..cf8ea01baa 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb @@ -1,7 +1,7 @@ require recipes-security/optee/optee-test.inc SRC_URI += " \ - file://musl-workaround.patch \ + file://0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch \ " SRCREV = "da5282a011b40621a2cf7a296c11a35c833ed91b" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bbappend b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bbappend index 9318a07e0a..05e2abca63 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bbappend +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bbappend @@ -1,7 +1,6 @@ # Machine specific configurations MACHINE_OPTEE_TEST_REQUIRE ?= "" -MACHINE_OPTEE_TEST_REQUIRE:tc = "optee-test-tc.inc" MACHINE_OPTEE_TEST_REQUIRE:n1sdp = "optee-os-generic-n1sdp.inc" require ${MACHINE_OPTEE_TEST_REQUIRE} diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb index 03ea9116c5..5f73d41405 100644 --- a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb @@ -1,9 +1,9 @@ require recipes-security/optee/optee-test.inc SRC_URI += " \ - file://Update-arm_ffa_user-driver-dependency.patch \ - file://ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch \ - file://musl-workaround.patch \ + file://0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch \ + file://0002-ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch \ + file://0003-Update-arm_ffa_user-driver-dependency.patch \ " SRCREV = "5db8ab4c733d5b2f4afac3e9aef0a26634c4b444" diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bbappend b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bbappend new file mode 100644 index 0000000000..490b350049 --- /dev/null +++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bbappend @@ -0,0 +1,6 @@ +# Machine specific configurations + +MACHINE_OPTEE_TEST_REQUIRE ?= "" +MACHINE_OPTEE_TEST_REQUIRE:tc = "optee-test-tc.inc" + +require ${MACHINE_OPTEE_TEST_REQUIRE} -- cgit v1.2.3