diff options
Diffstat (limited to 'recipes-security/optee-imx')
-rw-r--r-- | recipes-security/optee-imx/optee-client_4.0.0.imx.bb (renamed from recipes-security/optee-imx/optee-client_3.21.0.imx.bb) | 4 | ||||
-rw-r--r-- | recipes-security/optee-imx/optee-os/0001-core-Define-section-attributes-for-clang.patch | 69 | ||||
-rw-r--r-- | recipes-security/optee-imx/optee-os/0002-optee-enable-clang-support.patch | 4 | ||||
-rw-r--r-- | recipes-security/optee-imx/optee-os/0003-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch | 4 | ||||
-rw-r--r-- | recipes-security/optee-imx/optee-os/0004-core-link-add-no-warn-rwx-segments.patch | 6 | ||||
-rw-r--r-- | recipes-security/optee-imx/optee-os_4.0.0.imx.bb (renamed from recipes-security/optee-imx/optee-os_3.21.0.imx.bb) | 4 | ||||
-rw-r--r-- | recipes-security/optee-imx/optee-test_4.0.0.imx.bb (renamed from recipes-security/optee-imx/optee-test_3.21.0.imx.bb) | 4 |
7 files changed, 47 insertions, 48 deletions
diff --git a/recipes-security/optee-imx/optee-client_3.21.0.imx.bb b/recipes-security/optee-imx/optee-client_4.0.0.imx.bb index 3860cb6c..2a9eaa6a 100644 --- a/recipes-security/optee-imx/optee-client_3.21.0.imx.bb +++ b/recipes-security/optee-imx/optee-client_4.0.0.imx.bb | |||
@@ -1,7 +1,7 @@ | |||
1 | require optee-client-fslc-imx.inc | 1 | require optee-client-fslc-imx.inc |
2 | 2 | ||
3 | SRCBRANCH = "lf-6.1.36_2.1.0" | 3 | SRCBRANCH = "lf-6.1.55_2.2.0" |
4 | SRCREV = "8533e0e6329840ee96cf81b6453f257204227e6c" | 4 | SRCREV = "acb0885c117e73cb6c5c9b1dd9054cb3f93507ee" |
5 | 5 | ||
6 | DEPENDS += "util-linux" | 6 | DEPENDS += "util-linux" |
7 | EXTRA_OEMAKE += "PKG_CONFIG=pkg-config" | 7 | EXTRA_OEMAKE += "PKG_CONFIG=pkg-config" |
diff --git a/recipes-security/optee-imx/optee-os/0001-core-Define-section-attributes-for-clang.patch b/recipes-security/optee-imx/optee-os/0001-core-Define-section-attributes-for-clang.patch index 8a9062f3..54fbe541 100644 --- a/recipes-security/optee-imx/optee-os/0001-core-Define-section-attributes-for-clang.patch +++ b/recipes-security/optee-imx/optee-os/0001-core-Define-section-attributes-for-clang.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From b73c3d2829d3661ca66b5cc6b4181f3bf973b13f Mon Sep 17 00:00:00 2001 | 1 | From ef83625c9a5f50610e25aa860c4b9c5e64723a66 Mon Sep 17 00:00:00 2001 |
2 | From: Emekcan Aras <emekcan.aras@arm.com> | 2 | From: Emekcan Aras <emekcan.aras@arm.com> |
3 | Date: Wed, 21 Dec 2022 10:55:58 +0000 | 3 | Date: Wed, 21 Dec 2022 10:55:58 +0000 |
4 | Subject: [PATCH 1/4] core: Define section attributes for clang | 4 | Subject: [PATCH 1/4] core: Define section attributes for clang |
@@ -36,15 +36,15 @@ Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> | |||
36 | core/arch/arm/kernel/thread.c | 19 +++++++++++++++-- | 36 | core/arch/arm/kernel/thread.c | 19 +++++++++++++++-- |
37 | core/arch/arm/mm/core_mmu_lpae.c | 35 +++++++++++++++++++++++++++---- | 37 | core/arch/arm/mm/core_mmu_lpae.c | 35 +++++++++++++++++++++++++++---- |
38 | core/arch/arm/mm/core_mmu_v7.c | 36 +++++++++++++++++++++++++++++--- | 38 | core/arch/arm/mm/core_mmu_v7.c | 36 +++++++++++++++++++++++++++++--- |
39 | core/arch/arm/mm/pgt_cache.c | 12 ++++++++++- | ||
40 | core/kernel/thread.c | 13 +++++++++++- | 39 | core/kernel/thread.c | 13 +++++++++++- |
40 | core/mm/pgt_cache.c | 12 ++++++++++- | ||
41 | 5 files changed, 104 insertions(+), 11 deletions(-) | 41 | 5 files changed, 104 insertions(+), 11 deletions(-) |
42 | 42 | ||
43 | diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c | 43 | diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c |
44 | index 22ef932f9..7a9078d2e 100644 | 44 | index 66833b3a0..b3eb9cf9a 100644 |
45 | --- a/core/arch/arm/kernel/thread.c | 45 | --- a/core/arch/arm/kernel/thread.c |
46 | +++ b/core/arch/arm/kernel/thread.c | 46 | +++ b/core/arch/arm/kernel/thread.c |
47 | @@ -44,15 +44,30 @@ static size_t thread_user_kcode_size __nex_bss; | 47 | @@ -45,15 +45,30 @@ static size_t thread_user_kcode_size __nex_bss; |
48 | #if defined(CFG_CORE_UNMAP_CORE_AT_EL0) && \ | 48 | #if defined(CFG_CORE_UNMAP_CORE_AT_EL0) && \ |
49 | defined(CFG_CORE_WORKAROUND_SPECTRE_BP_SEC) && defined(ARM64) | 49 | defined(CFG_CORE_WORKAROUND_SPECTRE_BP_SEC) && defined(ARM64) |
50 | long thread_user_kdata_sp_offset __nex_bss; | 50 | long thread_user_kdata_sp_offset __nex_bss; |
@@ -78,10 +78,10 @@ index 22ef932f9..7a9078d2e 100644 | |||
78 | 78 | ||
79 | #ifdef ARM32 | 79 | #ifdef ARM32 |
80 | diff --git a/core/arch/arm/mm/core_mmu_lpae.c b/core/arch/arm/mm/core_mmu_lpae.c | 80 | diff --git a/core/arch/arm/mm/core_mmu_lpae.c b/core/arch/arm/mm/core_mmu_lpae.c |
81 | index 6df2c68cf..a877e4965 100644 | 81 | index 4c8b85e39..1885e1d3f 100644 |
82 | --- a/core/arch/arm/mm/core_mmu_lpae.c | 82 | --- a/core/arch/arm/mm/core_mmu_lpae.c |
83 | +++ b/core/arch/arm/mm/core_mmu_lpae.c | 83 | +++ b/core/arch/arm/mm/core_mmu_lpae.c |
84 | @@ -238,19 +238,46 @@ typedef uint16_t l1_idx_t; | 84 | @@ -234,19 +234,46 @@ typedef uint16_t l1_idx_t; |
85 | typedef uint64_t base_xlat_tbls_t[CFG_TEE_CORE_NB_CORE][NUM_BASE_LEVEL_ENTRIES]; | 85 | typedef uint64_t base_xlat_tbls_t[CFG_TEE_CORE_NB_CORE][NUM_BASE_LEVEL_ENTRIES]; |
86 | typedef uint64_t xlat_tbl_t[XLAT_TABLE_ENTRIES]; | 86 | typedef uint64_t xlat_tbl_t[XLAT_TABLE_ENTRIES]; |
87 | 87 | ||
@@ -133,7 +133,7 @@ index 6df2c68cf..a877e4965 100644 | |||
133 | * TAs page table entry inside a level 1 page table. | 133 | * TAs page table entry inside a level 1 page table. |
134 | * | 134 | * |
135 | diff --git a/core/arch/arm/mm/core_mmu_v7.c b/core/arch/arm/mm/core_mmu_v7.c | 135 | diff --git a/core/arch/arm/mm/core_mmu_v7.c b/core/arch/arm/mm/core_mmu_v7.c |
136 | index 58596be84..98fa58635 100644 | 136 | index 61e703da8..1960c08ca 100644 |
137 | --- a/core/arch/arm/mm/core_mmu_v7.c | 137 | --- a/core/arch/arm/mm/core_mmu_v7.c |
138 | +++ b/core/arch/arm/mm/core_mmu_v7.c | 138 | +++ b/core/arch/arm/mm/core_mmu_v7.c |
139 | @@ -204,16 +204,46 @@ typedef uint32_t l1_xlat_tbl_t[NUM_L1_ENTRIES]; | 139 | @@ -204,16 +204,46 @@ typedef uint32_t l1_xlat_tbl_t[NUM_L1_ENTRIES]; |
@@ -186,35 +186,11 @@ index 58596be84..98fa58635 100644 | |||
186 | 186 | ||
187 | struct mmu_partition { | 187 | struct mmu_partition { |
188 | l1_xlat_tbl_t *l1_table; | 188 | l1_xlat_tbl_t *l1_table; |
189 | diff --git a/core/arch/arm/mm/pgt_cache.c b/core/arch/arm/mm/pgt_cache.c | ||
190 | index 79553c6d2..b9efdf427 100644 | ||
191 | --- a/core/arch/arm/mm/pgt_cache.c | ||
192 | +++ b/core/arch/arm/mm/pgt_cache.c | ||
193 | @@ -410,8 +410,18 @@ void pgt_init(void) | ||
194 | * has a large alignment, while .bss has a small alignment. The current | ||
195 | * link script is optimized for small alignment in .bss | ||
196 | */ | ||
197 | +#ifdef __clang__ | ||
198 | +#pragma clang section bss=".nozi.mmu.l2" | ||
199 | +#endif | ||
200 | static uint8_t pgt_tables[PGT_CACHE_SIZE][PGT_SIZE] | ||
201 | - __aligned(PGT_SIZE) __section(".nozi.pgt_cache"); | ||
202 | + __aligned(PGT_SIZE) | ||
203 | +#ifndef __clang__ | ||
204 | + __section(".nozi.pgt_cache") | ||
205 | +#endif | ||
206 | + ; | ||
207 | +#ifdef __clang__ | ||
208 | +#pragma clang section bss="" | ||
209 | +#endif | ||
210 | size_t n; | ||
211 | |||
212 | for (n = 0; n < ARRAY_SIZE(pgt_tables); n++) { | ||
213 | diff --git a/core/kernel/thread.c b/core/kernel/thread.c | 189 | diff --git a/core/kernel/thread.c b/core/kernel/thread.c |
214 | index e48294b3b..8de9064ca 100644 | 190 | index 2a1f22dce..5516b6771 100644 |
215 | --- a/core/kernel/thread.c | 191 | --- a/core/kernel/thread.c |
216 | +++ b/core/kernel/thread.c | 192 | +++ b/core/kernel/thread.c |
217 | @@ -38,13 +38,24 @@ struct thread_core_local thread_core_local[CFG_TEE_CORE_NB_CORE] __nex_bss; | 193 | @@ -39,13 +39,24 @@ static uint32_t end_canary_value = 0xababab00; |
218 | name[stack_num][sizeof(name[stack_num]) / sizeof(uint32_t) - 1] | 194 | name[stack_num][sizeof(name[stack_num]) / sizeof(uint32_t) - 1] |
219 | #endif | 195 | #endif |
220 | 196 | ||
@@ -240,7 +216,30 @@ index e48294b3b..8de9064ca 100644 | |||
240 | #define GET_STACK(stack) ((vaddr_t)(stack) + STACK_SIZE(stack)) | 216 | #define GET_STACK(stack) ((vaddr_t)(stack) + STACK_SIZE(stack)) |
241 | 217 | ||
242 | DECLARE_STACK(stack_tmp, CFG_TEE_CORE_NB_CORE, STACK_TMP_SIZE, | 218 | DECLARE_STACK(stack_tmp, CFG_TEE_CORE_NB_CORE, STACK_TMP_SIZE, |
219 | diff --git a/core/mm/pgt_cache.c b/core/mm/pgt_cache.c | ||
220 | index 79553c6d2..b9efdf427 100644 | ||
221 | --- a/core/mm/pgt_cache.c | ||
222 | +++ b/core/mm/pgt_cache.c | ||
223 | @@ -410,8 +410,18 @@ void pgt_init(void) | ||
224 | * has a large alignment, while .bss has a small alignment. The current | ||
225 | * link script is optimized for small alignment in .bss | ||
226 | */ | ||
227 | +#ifdef __clang__ | ||
228 | +#pragma clang section bss=".nozi.mmu.l2" | ||
229 | +#endif | ||
230 | static uint8_t pgt_tables[PGT_CACHE_SIZE][PGT_SIZE] | ||
231 | - __aligned(PGT_SIZE) __section(".nozi.pgt_cache"); | ||
232 | + __aligned(PGT_SIZE) | ||
233 | +#ifndef __clang__ | ||
234 | + __section(".nozi.pgt_cache") | ||
235 | +#endif | ||
236 | + ; | ||
237 | +#ifdef __clang__ | ||
238 | +#pragma clang section bss="" | ||
239 | +#endif | ||
240 | size_t n; | ||
241 | |||
242 | for (n = 0; n < ARRAY_SIZE(pgt_tables); n++) { | ||
243 | -- | 243 | -- |
244 | 2.40.1 | 244 | 2.43.2 |
245 | |||
246 | 245 | ||
diff --git a/recipes-security/optee-imx/optee-os/0002-optee-enable-clang-support.patch b/recipes-security/optee-imx/optee-os/0002-optee-enable-clang-support.patch index 096579c0..dbc53542 100644 --- a/recipes-security/optee-imx/optee-os/0002-optee-enable-clang-support.patch +++ b/recipes-security/optee-imx/optee-os/0002-optee-enable-clang-support.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From c67f63d4e7bbe7b21b4c9ef49ae84c6725794aa9 Mon Sep 17 00:00:00 2001 | 1 | From 2ba573c9763329fbfdfacc8393d565ab747cac4d Mon Sep 17 00:00:00 2001 |
2 | From: Brett Warren <brett.warren@arm.com> | 2 | From: Brett Warren <brett.warren@arm.com> |
3 | Date: Wed, 23 Sep 2020 09:27:34 +0100 | 3 | Date: Wed, 23 Sep 2020 09:27:34 +0100 |
4 | Subject: [PATCH 2/4] optee: enable clang support | 4 | Subject: [PATCH 2/4] optee: enable clang support |
@@ -30,5 +30,5 @@ index a045beee8..1ebe2f702 100644 | |||
30 | 30 | ||
31 | # Core ASLR relies on the executable being ready to run from its preferred load | 31 | # Core ASLR relies on the executable being ready to run from its preferred load |
32 | -- | 32 | -- |
33 | 2.40.1 | 33 | 2.43.2 |
34 | 34 | ||
diff --git a/recipes-security/optee-imx/optee-os/0003-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch b/recipes-security/optee-imx/optee-os/0003-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch index f0fac69f..1c5753c7 100644 --- a/recipes-security/optee-imx/optee-os/0003-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch +++ b/recipes-security/optee-imx/optee-os/0003-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From f23fb3381422c613890f77c26d11e377234481c6 Mon Sep 17 00:00:00 2001 | 1 | From 6f738803a59613ec4a683ddbc1747ebffd75a4e6 Mon Sep 17 00:00:00 2001 |
2 | From: Jerome Forissier <jerome.forissier@linaro.org> | 2 | From: Jerome Forissier <jerome.forissier@linaro.org> |
3 | Date: Tue, 23 Aug 2022 12:31:46 +0000 | 3 | Date: Tue, 23 Aug 2022 12:31:46 +0000 |
4 | Subject: [PATCH 3/4] arm32: libutils, libutee, ta: add .note.GNU-stack section | 4 | Subject: [PATCH 3/4] arm32: libutils, libutee, ta: add .note.GNU-stack section |
@@ -129,5 +129,5 @@ index cd9a12f9d..ccdc19928 100644 | |||
129 | * This function is the bottom of the user call stack. Mark it as such so that | 129 | * This function is the bottom of the user call stack. Mark it as such so that |
130 | * the unwinding code won't try to go further down. | 130 | * the unwinding code won't try to go further down. |
131 | -- | 131 | -- |
132 | 2.40.1 | 132 | 2.43.2 |
133 | 133 | ||
diff --git a/recipes-security/optee-imx/optee-os/0004-core-link-add-no-warn-rwx-segments.patch b/recipes-security/optee-imx/optee-os/0004-core-link-add-no-warn-rwx-segments.patch index f72d80dc..f32b2284 100644 --- a/recipes-security/optee-imx/optee-os/0004-core-link-add-no-warn-rwx-segments.patch +++ b/recipes-security/optee-imx/optee-os/0004-core-link-add-no-warn-rwx-segments.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From b53f5542102b8088448134202c30ca563f5b3c04 Mon Sep 17 00:00:00 2001 | 1 | From a63f82f74e015eb662242cdb51ef814e3f576829 Mon Sep 17 00:00:00 2001 |
2 | From: Jerome Forissier <jerome.forissier@linaro.org> | 2 | From: Jerome Forissier <jerome.forissier@linaro.org> |
3 | Date: Fri, 5 Aug 2022 09:48:03 +0200 | 3 | Date: Fri, 5 Aug 2022 09:48:03 +0200 |
4 | Subject: [PATCH 4/4] core: link: add --no-warn-rwx-segments | 4 | Subject: [PATCH 4/4] core: link: add --no-warn-rwx-segments |
@@ -25,7 +25,7 @@ Signed-off-by: Oleksandr Suvorov <oleksandr.suvorov@foundries.io> | |||
25 | 1 file changed, 4 insertions(+), 2 deletions(-) | 25 | 1 file changed, 4 insertions(+), 2 deletions(-) |
26 | 26 | ||
27 | diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk | 27 | diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk |
28 | index e8a518254..60e08966f 100644 | 28 | index 49e9f4fa1..9e1cc172f 100644 |
29 | --- a/core/arch/arm/kernel/link.mk | 29 | --- a/core/arch/arm/kernel/link.mk |
30 | +++ b/core/arch/arm/kernel/link.mk | 30 | +++ b/core/arch/arm/kernel/link.mk |
31 | @@ -37,6 +37,7 @@ link-ldflags += --sort-section=alignment | 31 | @@ -37,6 +37,7 @@ link-ldflags += --sort-section=alignment |
@@ -63,5 +63,5 @@ index e8a518254..60e08966f 100644 | |||
63 | $(libgcccore) | 63 | $(libgcccore) |
64 | cleanfiles += $(link-out-dir)/init.o | 64 | cleanfiles += $(link-out-dir)/init.o |
65 | -- | 65 | -- |
66 | 2.40.1 | 66 | 2.43.2 |
67 | 67 | ||
diff --git a/recipes-security/optee-imx/optee-os_3.21.0.imx.bb b/recipes-security/optee-imx/optee-os_4.0.0.imx.bb index 89788370..cecfc23c 100644 --- a/recipes-security/optee-imx/optee-os_3.21.0.imx.bb +++ b/recipes-security/optee-imx/optee-os_4.0.0.imx.bb | |||
@@ -8,5 +8,5 @@ SRC_URI += " \ | |||
8 | file://0003-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch \ | 8 | file://0003-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch \ |
9 | file://0004-core-link-add-no-warn-rwx-segments.patch \ | 9 | file://0004-core-link-add-no-warn-rwx-segments.patch \ |
10 | " | 10 | " |
11 | SRCBRANCH = "lf-6.1.36_2.1.0" | 11 | SRCBRANCH = "lf-6.1.55_2.2.0" |
12 | SRCREV = "4e32281904b15af9ddbdf00f73e1c08eae21c695" | 12 | SRCREV = "a303fc80f7c4bd713315687a1fa1d6ed136e78ee" |
diff --git a/recipes-security/optee-imx/optee-test_3.21.0.imx.bb b/recipes-security/optee-imx/optee-test_4.0.0.imx.bb index 159c74ce..dd4ee307 100644 --- a/recipes-security/optee-imx/optee-test_3.21.0.imx.bb +++ b/recipes-security/optee-imx/optee-test_4.0.0.imx.bb | |||
@@ -4,7 +4,7 @@ require optee-test-fslc.inc | |||
4 | 4 | ||
5 | SRC_URI = "git://github.com/nxp-imx/imx-optee-test.git;protocol=https;branch=${SRCBRANCH}" | 5 | SRC_URI = "git://github.com/nxp-imx/imx-optee-test.git;protocol=https;branch=${SRCBRANCH}" |
6 | 6 | ||
7 | SRCBRANCH = "lf-6.1.36_2.1.0" | 7 | SRCBRANCH = "lf-6.1.55_2.2.0" |
8 | SRCREV = "e0ebd5193070e0215b5389da191bc33f4f478222" | 8 | SRCREV = "38efacef3b14b32a6792ceaebe211b5718536fbb" |
9 | 9 | ||
10 | COMPATIBLE_MACHINE = "(imx-nxp-bsp)" | 10 | COMPATIBLE_MACHINE = "(imx-nxp-bsp)" |