mirrors/meta-arm
1
0
Fork 0
mirror of https://git.yoctoproject.org/meta-arm synced 2026-01-11 15:00:39 +00:00
Code Issues Projects Releases Wiki Activity

arm-bsp: Remove tc1

Browse Source 
Remove tc1 and related recipes that are unique to it (and generally
unused ones).

Signed-off-by: Jon Mason <jon.mason@arm.com>
This commit is contained in:
Jon Mason
2024-04-11 08:59:13 -04:00
parent 2021b81dc5
commit 0af53c6453
35 changed files with 0 additions and 2615 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.gitlab-ci.yml
View File

@@ -260,14 +260,6 @@ qemuarmv5:
sgi575:
extends: .build
tc1:
extends: .build
parallel:
matrix:
- TESTING: testimage
tags:
- x86_64
toolchains:
extends: .build

1
ci/fvps.yml
View File

@@ -22,4 +22,3 @@ target:
- nativesdk-fvp-corstone1000
- nativesdk-fvp-n1-edge
- nativesdk-fvp-sgi575
- nativesdk-fvp-tc1

11
ci/tc1.yml
View File

@@ -1,11 +0,0 @@
header:
version: 14
includes:
- ci/base.yml
- ci/fvp.yml
- ci/meta-openembedded.yml
machine: tc1
target:
- core-image-minimal

36
meta-arm-bsp/conf/machine/include/tc.inc
View File

@@ -1,36 +0,0 @@
TUNE_FEATURES = "aarch64"
require conf/machine/include/arm/arch-armv8a.inc
MACHINEOVERRIDES =. "tc:"
# Das U-boot
UBOOT_MACHINE ?= "total_compute_defconfig"
UBOOT_RD_LOADADDRESS = "0x88000000"
UBOOT_RD_ENTRYPOINT = "0x88000000"
UBOOT_LOADADDRESS = "0x80080000"
UBOOT_ENTRYPOINT = "0x80080000"
PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
# OP-TEE
PREFERRED_VERSION_optee-os ?= "3.20%"
PREFERRED_VERSION_optee-client ?= "3.20%"
PREFERRED_VERSION_optee-test ?= "3.20%"
# Cannot use the default zImage on arm64
KERNEL_IMAGETYPE = "Image"
KERNEL_IMAGETYPES += "fitImage"
KERNEL_CLASSES = " kernel-fitimage "
IMAGE_FSTYPES += "cpio.gz"
INITRAMFS_IMAGE ?= "core-image-minimal"
IMAGE_NAME_SUFFIX = ""
SERIAL_CONSOLES = "115200;ttyAMA0"
EXTRA_IMAGEDEPENDS += "trusted-firmware-a optee-os"
PREFERRED_VERSION_trusted-firmware-a ?= "2.8.%"
# FIXME - there is signed image dependency/race with testimage.
# This should be fixed in oe-core
TESTIMAGEDEPENDS:append = " virtual/kernel:do_deploy"

31
meta-arm-bsp/conf/machine/tc1.conf
View File

@@ -1,31 +0,0 @@
# Configuration for TC1
#@TYPE: Machine
#@NAME: TC1
#@DESCRIPTION: Machine configuration for TC1
require conf/machine/include/tc.inc
TEST_TARGET = "OEFVPTarget"
TEST_SUITES = "fvp_boot"
# FVP Config
FVP_PROVIDER ?= "fvp-tc1-native"
FVP_EXE ?= "FVP_TC1"
# FVP Parameters
FVP_CONFIG[css.scp.ROMloader.fname] ?= "scp_romfw.bin"
FVP_CONFIG[css.trustedBootROMloader.fname] ?= "bl1-tc.bin"
FVP_CONFIG[board.flashloader0.fname] ?= "fip_gpt-tc.bin"
#FVP_CONFIG[board.hostbridge.userNetworking] ?= "true"
#FVP_CONFIG[board.hostbridge.userNetPorts] ?= "2222=22"
#smsc ethernet takes a very long time to come up. disable now to prevent testimage timeout
#FVP_CONFIG[board.smsc_91c111.enabled] ?= "1"
FVP_CONSOLE = "terminal_s1"
FVP_TERMINALS[soc.terminal_s0] ?= "Secure Console"
FVP_TERMINALS[soc.terminal_s1] ?= "Console"
# Boot image
FVP_DATA ?= "board.dram=fitImage-core-image-minimal-tc1-tc1@0x20000000"

32
meta-arm-bsp/documentation/tc1.md
View File

@@ -1,32 +0,0 @@
# TC1 Platform Support in meta-arm-bsp
## Overview
The Total Compute platform provides an envelope for all of Arm's latest IP and
software solutions, optimised to work together. Further information can be
found on the Total Compute community page:
https://community.arm.com/developer/tools-software/oss-platforms/w/docs/606/total-compute
The user guide for TC1 platform with detailed instructions for
syncing and building the source code and running on TC1 Fixed Virtual Platform
for poky and android distributions is available at:
https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms.git/tree/docs/tc1/user-guide.rst
## Building
In the local.conf file, MACHINE should be set as follows:
MACHINE = "tc1"
To build the required binaries for tc1, run the commmand:
```bash$ bitbake tc-artifacts-image```
Trusted-firmware-a is the final component to be built with the rest of the
components dependent of it, therefore building tc-artifacts-image which depends
on trusted-firmware-a will build all the required binaries.
## Running
To run the produced binaries in a TC1 Fixed Virtual Platform please get
the run scripts at:
https://git.linaro.org/landing-teams/working/arm/model-scripts.git/
and follow the instructions in the user-guide.rst available in:
https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms.git/tree/docs/tc1/user-guide.rst

8
meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc
View File

@@ -1,8 +0,0 @@
# TC specific configuration
COMPATIBLE_MACHINE = "(tc?)"
HAFNIUM_PLATFORM = "secure_tc"
do_compile() {
PATH="${S}/prebuilts/linux-x64/clang/bin:$PATH" oe_runmake -C ${S}
}

6
meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-tc.inc
View File

@@ -1,6 +0,0 @@
# TC specific SCP configuration
COMPATIBLE_MACHINE = "(tc1)"
SCP_PRODUCT_GROUP = "totalcompute"
FW_TARGETS = "scp"

134
meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-tc.inc
View File

@@ -1,134 +0,0 @@
# TC0 specific TFA configuration
DEPENDS += "scp-firmware util-linux-native gptfdisk-native"
FILESEXTRAPATHS:prepend := "${THISDIR}/files/tc:"
SRC_URI:append = " \
file://generate_metadata.py \
"
COMPATIBLE_MACHINE = "(tc?)"
TFA_PLATFORM = "tc"
TFA_BUILD_TARGET = "all fip"
TFA_UBOOT = "1"
TFA_INSTALL_TARGET = "bl1 fip"
TFA_MBEDTLS = "1"
TFA_DEBUG = "1"
TFA_SPD = "spmd"
TFA_SPMD_SPM_AT_SEL2 = "1"
TFA_TARGET_PLATFORM:tc0 = "0"
TFA_TARGET_PLATFORM:tc1 = "1"
EXTRA_OEMAKE += "TARGET_PLATFORM=${TFA_TARGET_PLATFORM}"
# Set optee as SP. Set spmc manifest and sp layout file to optee
DEPENDS += "optee-os"
TFA_SP_LAYOUT_FILE = "${RECIPE_SYSROOT}/${nonarch_base_libdir}/firmware/sp_layout.json"
TFA_ARM_SPMC_MANIFEST_DTS = "plat/arm/board/tc/fdts/tc_spmc_optee_sp_manifest.dts"
EXTRA_OEMAKE += "SCP_BL2=${RECIPE_SYSROOT}/firmware/scp_ramfw.bin"
EXTRA_OEMAKE += "TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"
EXTRA_OEMAKE += "PSA_FWU_SUPPORT=1 ARM_GPT_SUPPORT=1"
EXTRA_OEMAKE += "CTX_INCLUDE_MTE_REGS=1"
do_generate_gpt() {
gpt_image="${BUILD_DIR}/fip_gpt.bin"
fip_bin="${BUILD_DIR}/fip.bin"
# the FIP partition type is not standardized, so generate one
fip_type_uuid=`uuidgen --sha1 --namespace @dns --name "fip_type_uuid"`
# metadata partition type UUID, specified by the document:
# Platform Security Firmware Update for the A-profile Arm Architecture
# version: 1.0BET0
metadata_type_uuid="8a7a84a0-8387-40f6-ab41-a8b9a5a60d23"
location_uuid=`uuidgen`
FIP_A_uuid=`uuidgen`
FIP_B_uuid=`uuidgen`
# maximum FIP size 4MB. This is the current size of the FIP rounded up to an integer number of MB.
fip_max_size=4194304
fip_bin_size=$(stat -c %s $fip_bin)
if [ $fip_max_size -lt $fip_bin_size ]; then
bberror "FIP binary ($fip_bin_size bytes) is larger than the GPT partition ($fip_max_size bytes)"
fi
# maximum metadata size 512B. This is the current size of the metadata rounded up to an integer number of sectors.
metadata_max_size=512
metadata_file="${BUILD_DIR}/metadata.bin"
python3 ${WORKDIR}/generate_metadata.py --metadata_file $metadata_file \
--img_type_uuids $fip_type_uuid \
--location_uuids $location_uuid \
--img_uuids $FIP_A_uuid $FIP_B_uuid
# create GPT image. The GPT contains 2 FIP partitions: FIP_A and FIP_B, and 2 metadata partitions: FWU-Metadata and Bkup-FWU-Metadata.
# the GPT layout is the following:
# -----------------------
# Protective MBR
# -----------------------
# Primary GPT Header
# -----------------------
# FIP_A
# -----------------------
# FIP_B
# -----------------------
# FWU-Metadata
# -----------------------
# Bkup-FWU-Metadata
# -----------------------
# Secondary GPT Header
# -----------------------
sector_size=512
gpt_header_size=33 # valid only for 512-byte sectors
num_sectors_fip=`expr $fip_max_size / $sector_size`
num_sectors_metadata=`expr $metadata_max_size / $sector_size`
start_sector_1=`expr 1 + $gpt_header_size` # size of MBR is 1 sector
start_sector_2=`expr $start_sector_1 + $num_sectors_fip`
start_sector_3=`expr $start_sector_2 + $num_sectors_fip`
start_sector_4=`expr $start_sector_3 + $num_sectors_metadata`
num_sectors_gpt=`expr $start_sector_4 + $num_sectors_metadata + $gpt_header_size`
gpt_size=`expr $num_sectors_gpt \* $sector_size`
# create raw image
dd if=/dev/zero of=$gpt_image bs=$gpt_size count=1
# create the GPT layout
sgdisk $gpt_image \
--set-alignment 1 \
--disk-guid $location_uuid \
\
--new 1:$start_sector_1:+$num_sectors_fip \
--change-name 1:FIP_A \
--typecode 1:$fip_type_uuid \
--partition-guid 1:$FIP_A_uuid \
\
--new 2:$start_sector_2:+$num_sectors_fip \
--change-name 2:FIP_B \
--typecode 2:$fip_type_uuid \
--partition-guid 2:$FIP_B_uuid \
\
--new 3:$start_sector_3:+$num_sectors_metadata \
--change-name 3:FWU-Metadata \
--typecode 3:$metadata_type_uuid \
\
--new 4:$start_sector_4:+$num_sectors_metadata \
--change-name 4:Bkup-FWU-Metadata \
--typecode 4:$metadata_type_uuid
# populate the GPT partitions
dd if=$fip_bin of=$gpt_image bs=$sector_size seek=$start_sector_1 count=$num_sectors_fip conv=notrunc
dd if=$fip_bin of=$gpt_image bs=$sector_size seek=$start_sector_2 count=$num_sectors_fip conv=notrunc
dd if=$metadata_file of=$gpt_image bs=$sector_size seek=$start_sector_3 count=$num_sectors_metadata conv=notrunc
dd if=$metadata_file of=$gpt_image bs=$sector_size seek=$start_sector_4 count=$num_sectors_metadata conv=notrunc
}
addtask do_generate_gpt after do_compile before do_install
do_install:append() {
install -m 0644 ${BUILD_DIR}/fip_gpt.bin ${D}/firmware/fip_gpt-tc.bin
ln -sf fip_gpt-tc.bin ${D}/firmware/fip_gpt.bin
}

19
meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb
View File

@@ -1,19 +0,0 @@
require recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc
# TF-A v2.8.6
SRCREV_tfa = "ff0bd5f9bb2ba2f31fb9cec96df917747af9e92d"
SRCBRANCH = "lts-v2.8"
SRC_URI += "file://rwx-segments.patch"
LIC_FILES_CHKSUM += "file://docs/license.rst;md5=b2c740efedc159745b9b31f88ff03dde"
# mbed TLS v2.28.2
SRC_URI_MBEDTLS = "git://github.com/ARMmbed/mbedtls.git;name=mbedtls;protocol=https;destsuffix=git/mbedtls;branch=mbedtls-2.28"
SRCREV_mbedtls = "89f040a5c938985c5f30728baed21e49d0846a53"
LIC_FILES_CHKSUM_MBEDTLS = "file://mbedtls/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
do_compile:prepend() {
sed -i '/^LDLIBS/ s,$, \$\{BUILD_LDFLAGS},' ${S}/tools/fiptool/Makefile
}

5
meta-arm-bsp/recipes-bsp/u-boot/u-boot-tc.inc
View File

@@ -1,5 +0,0 @@
# TC0 and TC1 specific U-boot support
SRC_URI:append = " \
file://bootargs.cfg \
"

120
meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0001-WIP-Enable-managed-exit.patch
View File

@@ -1,120 +0,0 @@
From f449f6fdcbd987e18a26f0daeccfa447fe76821a Mon Sep 17 00:00:00 2001
From: Olivier Deprez <olivier.deprez@arm.com>
Date: Mon, 16 Nov 2020 10:14:02 +0100
Subject: [PATCH] WIP: Enable managed exit
This change declares OP-TEE SP as supporting managed exit in response to
a NS interrupt triggering while the SWd runs.
At init OP-TEE enables (HF_INTERRUPT_ENABLE) the managed exit virtual
interrupt through the Hafnium para-virtualized interface.
Physical interrupts are trapped to the SPMC which injects a managed exit
interrupt to OP-TEE. The managed exit interrupt is acknowledged by
OP-TEE by HF_INTERUPT_GET hvc call.
Note: this code change is meant with in mind the SPMC runs at SEL2. It
needs slight refactoring such that it does not break the SEL1 SPMC
configuration.
Change-Id: I9a95f36cf517c11048ff04680007f40259c4f636
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Upstream-Status: Pending [Not submitted to upstream yet]
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
---
core/arch/arm/kernel/boot.c | 12 ++++++++++++
core/arch/arm/kernel/thread_a64.S | 11 ++++++++++-
core/arch/arm/kernel/thread_spmc.c | 11 +++++++++++
.../arm/plat-totalcompute/fdts/optee_sp_manifest.dts | 1 +
4 files changed, 34 insertions(+), 1 deletion(-)
diff --git a/core/arch/arm/kernel/boot.c b/core/arch/arm/kernel/boot.c
index dd34173e8..7d2ac74e8 100644
--- a/core/arch/arm/kernel/boot.c
+++ b/core/arch/arm/kernel/boot.c
@@ -1424,6 +1424,18 @@ static void init_secondary_helper(unsigned long nsec_entry)
init_vfp_sec();
init_vfp_nsec();
+ /* Enable managed exit interrupt for secondary core. */
+ __asm__ volatile (
+ "mov x0, %0;"
+ "mov x1, %1;"
+ "mov x2, %2;"
+ "mov x3, %3;"
+ "hvc #0"
+ : : "i" (0xff03), "i" (4), "i" (1), "i" (1));
+
+ IMSG("%s core %lu: enabled managed exit interrupt.",
+ __func__, get_core_pos());
+
IMSG("Secondary CPU %zu switching to normal world boot", get_core_pos());
}
diff --git a/core/arch/arm/kernel/thread_a64.S b/core/arch/arm/kernel/thread_a64.S
index 4fa97de24..4facc7631 100644
--- a/core/arch/arm/kernel/thread_a64.S
+++ b/core/arch/arm/kernel/thread_a64.S
@@ -1162,6 +1162,14 @@ END_FUNC el0_sync_abort
bl dcache_op_louis
ic iallu
#endif
+
+ /* HF_INTERRUPT_GET */
+ mov x0, #0xff04
+ hvc #0
+ /* Expect managed exit interrupt */
+ cmp x0, #4
+ bne .
+
/*
* Mark current thread as suspended
*/
@@ -1318,8 +1326,9 @@ LOCAL_FUNC elx_irq , :
#endif
END_FUNC elx_irq
+#define HF_MANAGED_EXIT 1
LOCAL_FUNC elx_fiq , :
-#if defined(CFG_ARM_GICV3)
+#if defined(CFG_ARM_GICV3) || defined (HF_MANAGED_EXIT)
foreign_intr_handler fiq
#else
native_intr_handler fiq
diff --git a/core/arch/arm/kernel/thread_spmc.c b/core/arch/arm/kernel/thread_spmc.c
index 3b4ac0b4e..8f7c18dfa 100644
--- a/core/arch/arm/kernel/thread_spmc.c
+++ b/core/arch/arm/kernel/thread_spmc.c
@@ -1517,6 +1517,17 @@ static TEE_Result spmc_init(void)
my_endpoint_id = spmc_get_id();
DMSG("My endpoint ID %#x", my_endpoint_id);
+ /* Enable managed exit interrupt for boot core. */
+ __asm__ volatile (
+ "mov x0, %0;"
+ "mov x1, %1;"
+ "mov x2, %2;"
+ "mov x3, %3;"
+ "hvc #0"
+ : : "i" (0xff03), "i" (4), "i" (1), "i" (1));
+
+ IMSG("%s enabled managed exit interrupt.", __func__);
+
return TEE_SUCCESS;
}
#endif /* !defined(CFG_CORE_SEL1_SPMC) */
diff --git a/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts b/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts
index 3ebbaddc8..56e69f372 100644
--- a/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts
+++ b/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts
@@ -24,6 +24,7 @@
xlat-granule = <0>; /* 4KiB */
boot-order = <0>;
messaging-method = <0x3>; /* Direct request/response supported */
+ managed-exit; /* Managed exit supported */
device-regions {
compatible = "arm,ffa-manifest-device-regions";

34
meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0002-plat-totalcompute-fix-TZDRAM-start-and-size.patch
View File

@@ -1,34 +0,0 @@
From 5ddda749c60dce834bcd79e8b8d904858319adc0 Mon Sep 17 00:00:00 2001
From: Rupinderjit Singh <rupinderjit.singh@arm.com>
Date: Tue, 7 Feb 2023 09:45:02 +0000
Subject: [PATCH] plat-totalcompute: update TZDRAM_SIZE
For CFG_CORE_SEL2_SPMC, manifest size is increased from 0x1000 to
0x4000 for boot protocol support.
Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Backport
Signed-off-by: Jon Mason <jon.mason@arm.com>
---
core/arch/arm/plat-totalcompute/conf.mk | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/core/arch/arm/plat-totalcompute/conf.mk b/core/arch/arm/plat-totalcompute/conf.mk
index b39ac0f0667f..2f6c0ee1460a 100644
--- a/core/arch/arm/plat-totalcompute/conf.mk
+++ b/core/arch/arm/plat-totalcompute/conf.mk
@@ -32,8 +32,9 @@ ifeq ($(CFG_CORE_SEL1_SPMC),y)
CFG_TZDRAM_START ?= 0xfd000000
CFG_TZDRAM_SIZE ?= 0x02000000
else ifeq ($(CFG_CORE_SEL2_SPMC),y)
-CFG_TZDRAM_START ?= 0xfd281000
-CFG_TZDRAM_SIZE ?= 0x01d7f000
+CFG_TZDRAM_START ?= 0xfd284000
+# TZDRAM size 0x1980000 - 0x4000 manifest size
+CFG_TZDRAM_SIZE ?= 0x0197c000
else
CFG_TZDRAM_START ?= 0xff000000
CFG_TZDRAM_SIZE ?= 0x01000000

55
meta-arm-bsp/recipes-security/optee/files/optee-test/tc/0001-xtest-Limit-tests-to-a-single-thread.patch
View File

@@ -1,55 +0,0 @@
From 73bef38c5697cd6bd3ddbe9046681087f4f6454e Mon Sep 17 00:00:00 2001
From: Ben Horgan <ben.horgan@arm.com>
Date: Thu, 27 Jan 2022 10:33:04 +0000
Subject: [PATCH] xtest: Limit tests to a single thread
Signed-off-by: Ben Horgan <ben.horgan@arm.com>
Upstream-Status: Inappropriate [Workaround for intermittent failures]
---
host/xtest/regression_1000.c | 2 +-
host/xtest/regression_2000.c | 2 +-
host/xtest/regression_6000.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/host/xtest/regression_1000.c b/host/xtest/regression_1000.c
index 9ee9d02..82d1def 100644
--- a/host/xtest/regression_1000.c
+++ b/host/xtest/regression_1000.c
@@ -1080,7 +1080,7 @@ static void *test_1013_thread(void *arg)
return NULL;
}
-#define NUM_THREADS 3
+#define NUM_THREADS 1
static void xtest_tee_test_1013_single(ADBG_Case_t *c, double *mean_concurrency,
const TEEC_UUID *uuid)
diff --git a/host/xtest/regression_2000.c b/host/xtest/regression_2000.c
index 0591a42..a9f4b95 100644
--- a/host/xtest/regression_2000.c
+++ b/host/xtest/regression_2000.c
@@ -499,7 +499,7 @@ out:
return NULL;
}
-#define NUM_THREADS 3
+#define NUM_THREADS 1
static void xtest_tee_test_2002(ADBG_Case_t *c)
{
diff --git a/host/xtest/regression_6000.c b/host/xtest/regression_6000.c
index ca1c254..d67ea7f 100644
--- a/host/xtest/regression_6000.c
+++ b/host/xtest/regression_6000.c
@@ -1568,7 +1568,7 @@ exit:
}
-#define NUM_THREADS 4
+#define NUM_THREADS 1
static void xtest_tee_test_6016_loop(ADBG_Case_t *c, uint32_t storage_id)
{
struct test_6016_thread_arg arg[NUM_THREADS] = { };
--
2.17.1

7
meta-arm-bsp/recipes-security/optee/optee-client_3.20.0.bb
View File

@@ -1,7 +0,0 @@
require recipes-security/optee/optee-client.inc
SRCREV = "dd2d39b49975d2ada7870fe2b7f5a84d0d3860dc"
inherit pkgconfig
DEPENDS += "util-linux"
EXTRA_OEMAKE += "PKG_CONFIG=pkg-config"

34
meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch
View File

@@ -1,34 +0,0 @@
From 843eb2ef918d5ae3d09de088110cb026ca25306b Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@arm.com>
Date: Tue, 26 May 2020 14:38:02 -0500
Subject: [PATCH] allow setting sysroot for libgcc lookup
Explicitly pass the new variable LIBGCC_LOCATE_CFLAGS variable when searching
for the compiler libraries as there's no easy way to reliably pass --sysroot
otherwise.
Upstream-Status: Pending [https://github.com/OP-TEE/optee_os/issues/4188]
Signed-off-by: Ross Burton <ross.burton@arm.com>
---
mk/gcc.mk | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/mk/gcc.mk b/mk/gcc.mk
index adc77a24f25e..81bfa78ad8d7 100644
--- a/mk/gcc.mk
+++ b/mk/gcc.mk
@@ -13,11 +13,11 @@ nostdinc$(sm) := -nostdinc -isystem $(shell $(CC$(sm)) \
-print-file-name=include 2> /dev/null)
# Get location of libgcc from gcc
-libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \
+libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \
-print-libgcc-file-name 2> /dev/null)
-libstdc++$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
+libstdc++$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
-print-file-name=libstdc++.a 2> /dev/null)
-libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
+libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
-print-file-name=libgcc_eh.a 2> /dev/null)
# Define these to something to discover accidental use

29
meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0002-optee-enable-clang-support.patch
View File

@@ -1,29 +0,0 @@
From 0ca5ef7c8256dbd9690a01a82397bc16a123e179 Mon Sep 17 00:00:00 2001
From: Brett Warren <brett.warren@arm.com>
Date: Wed, 23 Sep 2020 09:27:34 +0100
Subject: [PATCH] optee: enable clang support
When compiling with clang, the LIBGCC_LOCATE_CFLAG variable used
to provide a sysroot wasn't included, which results in not locating
compiler-rt. This is mitigated by including the variable as ammended.
Upstream-Status: Pending
ChangeId: 8ba69a4b2eb8ebaa047cb266c9aa6c2c3da45701
Signed-off-by: Brett Warren <brett.warren@arm.com>
---
mk/clang.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mk/clang.mk b/mk/clang.mk
index a045beee8482..1ebe2f702dcd 100644
--- a/mk/clang.mk
+++ b/mk/clang.mk
@@ -30,7 +30,7 @@ comp-cflags-warns-clang := -Wno-language-extension-token \
# Note, use the compiler runtime library (libclang_rt.builtins.*.a) instead of
# libgcc for clang
-libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \
+libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \
-rtlib=compiler-rt -print-libgcc-file-name 2> /dev/null)
# Core ASLR relies on the executable being ready to run from its preferred load

62
meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0003-core-link-add-no-warn-rwx-segments.patch
View File

@@ -1,62 +0,0 @@
From 741df4df0ec7b69b0573cff265dc1ae7cb70b55c Mon Sep 17 00:00:00 2001
From: Jerome Forissier <jerome.forissier@linaro.org>
Date: Fri, 5 Aug 2022 09:48:03 +0200
Subject: [PATCH] core: link: add --no-warn-rwx-segments
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5474]
binutils ld.bfd generates one RWX LOAD segment by merging several sections
with mixed R/W/X attributes (.text, .rodata, .data). After version 2.38 it
also warns by default when that happens [1], which breaks the build due to
--fatal-warnings. The RWX segment is not a problem for the TEE core, since
that information is not used to set memory permissions. Therefore, silence
the warning.
Link: [1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107
Link: https://sourceware.org/bugzilla/show_bug.cgi?id=29448
Reported-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
---
core/arch/arm/kernel/link.mk | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk
index 0e96e606cd9d..3fbcb6804c6f 100644
--- a/core/arch/arm/kernel/link.mk
+++ b/core/arch/arm/kernel/link.mk
@@ -37,6 +37,7 @@ link-ldflags += --sort-section=alignment
link-ldflags += --fatal-warnings
link-ldflags += --gc-sections
link-ldflags += $(link-ldflags-common)
+link-ldflags += $(call ld-option,--no-warn-rwx-segments)
link-ldadd = $(LDADD)
link-ldadd += $(ldflags-external)
@@ -61,6 +62,7 @@ link-script-cppflags := \
$(cppflagscore))
ldargs-all_objs := -T $(link-script-dummy) --no-check-sections \
+ $(call ld-option,--no-warn-rwx-segments) \
$(link-ldflags-common) \
$(link-objs) $(link-ldadd) $(libgcccore)
cleanfiles += $(link-out-dir)/all_objs.o
@@ -75,7 +77,7 @@ $(link-out-dir)/unpaged_entries.txt: $(link-out-dir)/all_objs.o
$(AWK) '/ ____keep_pager/ { printf "-u%s ", $$3 }' > $@
unpaged-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \
- $(link-ldflags-common)
+ $(link-ldflags-common) $(call ld-option,--no-warn-rwx-segments)
unpaged-ldadd := $(objs) $(link-ldadd) $(libgcccore)
cleanfiles += $(link-out-dir)/unpaged.o
$(link-out-dir)/unpaged.o: $(link-out-dir)/unpaged_entries.txt
@@ -104,7 +106,7 @@ $(link-out-dir)/init_entries.txt: $(link-out-dir)/all_objs.o
$(AWK) '/ ____keep_init/ { printf "-u%s ", $$3 }' > $@
init-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \
- $(link-ldflags-common)
+ $(link-ldflags-common) $(call ld-option,--no-warn-rwx-segments)
init-ldadd := $(link-objs-init) $(link-out-dir)/version.o $(link-ldadd) \
$(libgcccore)
cleanfiles += $(link-out-dir)/init.o

240
meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0004-core-Define-section-attributes-for-clang.patch
View File

@@ -1,240 +0,0 @@
From 162493e5b212b9d7391669a55be09b69b97a9cf8 Mon Sep 17 00:00:00 2001
From: Emekcan Aras <emekcan.aras@arm.com>
Date: Wed, 21 Dec 2022 10:55:58 +0000
Subject: [PATCH] core: Define section attributes for clang
Clang's attribute section is not same as gcc, here we need to add flags
to sections so they can be eventually collected by linker into final
output segments. Only way to do so with clang is to use
pragma clang section ...
The behavious is described here [1], this allows us to define names bss
sections. This was not an issue until clang-15 where LLD linker starts
to detect the section flags before merging them and throws the following
errors
| ld.lld: error: section type mismatch for .nozi.kdata_page
| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/kernel/thread.o:(.nozi.kdata_page): SHT_PROGBITS
| >>> output section .nozi: SHT_NOBITS
|
| ld.lld: error: section type mismatch for .nozi.mmu.l2
| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/mm/core_mmu_lpae.o:(.nozi.mmu.l2): SHT_PROGBITS
| >>> output section .nozi: SHT_NOBITS
These sections should be carrying SHT_NOBITS but so far it was not
possible to do so, this patch tries to use clangs pragma to get this
going and match the functionality with gcc.
[1] https://intel.github.io/llvm-docs/clang/LanguageExtensions.html#specifying-section-names-for-global-objects-pragma-clang-section
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
core/arch/arm/kernel/thread.c | 19 +++++++++++++++--
core/arch/arm/mm/core_mmu_lpae.c | 35 +++++++++++++++++++++++++++----
core/arch/arm/mm/core_mmu_v7.c | 36 +++++++++++++++++++++++++++++---
core/arch/arm/mm/pgt_cache.c | 12 ++++++++++-
core/kernel/thread.c | 13 +++++++++++-
5 files changed, 104 insertions(+), 11 deletions(-)
diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c
index 1cf76a0ca690..1e7f9f96b558 100644
--- a/core/arch/arm/kernel/thread.c
+++ b/core/arch/arm/kernel/thread.c
@@ -44,15 +44,30 @@ static size_t thread_user_kcode_size __nex_bss;
#if defined(CFG_CORE_UNMAP_CORE_AT_EL0) && \
defined(CFG_CORE_WORKAROUND_SPECTRE_BP_SEC) && defined(ARM64)
long thread_user_kdata_sp_offset __nex_bss;
+#ifdef __clang__
+#ifndef CFG_VIRTUALIZATION
+#pragma clang section bss=".nozi.kdata_page"
+#else
+#pragma clang section bss=".nex_nozi.kdata_page"
+#endif
+#endif
static uint8_t thread_user_kdata_page[
ROUNDUP(sizeof(struct thread_core_local) * CFG_TEE_CORE_NB_CORE,
SMALL_PAGE_SIZE)]
__aligned(SMALL_PAGE_SIZE)
+#ifndef __clang__
#ifndef CFG_VIRTUALIZATION
- __section(".nozi.kdata_page");
+ __section(".nozi.kdata_page")
#else
- __section(".nex_nozi.kdata_page");
+ __section(".nex_nozi.kdata_page")
#endif
+#endif
+ ;
+#endif
+
+/* reset BSS section to default ( .bss ) */
+#ifdef __clang__
+#pragma clang section bss=""
#endif
#ifdef ARM32
diff --git a/core/arch/arm/mm/core_mmu_lpae.c b/core/arch/arm/mm/core_mmu_lpae.c
index 3f08eec623f3..e6dc9261c41e 100644
--- a/core/arch/arm/mm/core_mmu_lpae.c
+++ b/core/arch/arm/mm/core_mmu_lpae.c
@@ -233,19 +233,46 @@ typedef uint16_t l1_idx_t;
typedef uint64_t base_xlat_tbls_t[CFG_TEE_CORE_NB_CORE][NUM_BASE_LEVEL_ENTRIES];
typedef uint64_t xlat_tbl_t[XLAT_TABLE_ENTRIES];
+#ifdef __clang__
+#pragma clang section bss=".nozi.mmu.base_table"
+#endif
static base_xlat_tbls_t base_xlation_table[NUM_BASE_TABLES]
__aligned(NUM_BASE_LEVEL_ENTRIES * XLAT_ENTRY_SIZE)
- __section(".nozi.mmu.base_table");
+#ifndef __clang__
+ __section(".nozi.mmu.base_table")
+#endif
+;
+#ifdef __clang__
+#pragma clang section bss=""
+#endif
+#ifdef __clang__
+#pragma clang section bss=".nozi.mmu.l2"
+#endif
static xlat_tbl_t xlat_tables[MAX_XLAT_TABLES]
- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2");
+ __aligned(XLAT_TABLE_SIZE)
+#ifndef __clang__
+ __section(".nozi.mmu.l2")
+#endif
+;
+#ifdef __clang__
+#pragma clang section bss=""
+#endif
#define XLAT_TABLES_SIZE (sizeof(xlat_tbl_t) * MAX_XLAT_TABLES)
+#ifdef __clang__
+#pragma clang section bss=".nozi.mmu.l2"
+#endif
/* MMU L2 table for TAs, one for each thread */
static xlat_tbl_t xlat_tables_ul1[CFG_NUM_THREADS]
- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2");
-
+#ifndef __clang__
+ __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2")
+#endif
+;
+#ifdef __clang__
+#pragma clang section bss=""
+#endif
/*
* TAs page table entry inside a level 1 page table.
*
diff --git a/core/arch/arm/mm/core_mmu_v7.c b/core/arch/arm/mm/core_mmu_v7.c
index cd85bd22d385..3e18f54f6cf8 100644
--- a/core/arch/arm/mm/core_mmu_v7.c
+++ b/core/arch/arm/mm/core_mmu_v7.c
@@ -204,16 +204,46 @@ typedef uint32_t l1_xlat_tbl_t[NUM_L1_ENTRIES];
typedef uint32_t l2_xlat_tbl_t[NUM_L2_ENTRIES];
typedef uint32_t ul1_xlat_tbl_t[NUM_UL1_ENTRIES];
+#ifdef __clang__
+#pragma clang section bss=".nozi.mmu.l1"
+#endif
static l1_xlat_tbl_t main_mmu_l1_ttb
- __aligned(L1_ALIGNMENT) __section(".nozi.mmu.l1");
+ __aligned(L1_ALIGNMENT)
+#ifndef __clang__
+ __section(".nozi.mmu.l1")
+#endif
+;
+#ifdef __clang__
+#pragma clang section bss=""
+#endif
/* L2 MMU tables */
+#ifdef __clang__
+#pragma clang section bss=".nozi.mmu.l2"
+#endif
static l2_xlat_tbl_t main_mmu_l2_ttb[MAX_XLAT_TABLES]
- __aligned(L2_ALIGNMENT) __section(".nozi.mmu.l2");
+ __aligned(L2_ALIGNMENT)
+#ifndef __clang__
+ __section(".nozi.mmu.l2")
+#endif
+;
+#ifdef __clang__
+#pragma clang section bss=""
+#endif
/* MMU L1 table for TAs, one for each thread */
+#ifdef __clang__
+#pragma clang section bss=".nozi.mmu.ul1"
+#endif
static ul1_xlat_tbl_t main_mmu_ul1_ttb[CFG_NUM_THREADS]
- __aligned(UL1_ALIGNMENT) __section(".nozi.mmu.ul1");
+ __aligned(UL1_ALIGNMENT)
+#ifndef __clang__
+ __section(".nozi.mmu.ul1")
+#endif
+;
+#ifdef __clang__
+#pragma clang section bss=""
+#endif
struct mmu_partition {
l1_xlat_tbl_t *l1_table;
diff --git a/core/arch/arm/mm/pgt_cache.c b/core/arch/arm/mm/pgt_cache.c
index 79553c6d2183..b9efdf42780b 100644
--- a/core/arch/arm/mm/pgt_cache.c
+++ b/core/arch/arm/mm/pgt_cache.c
@@ -410,8 +410,18 @@ void pgt_init(void)
* has a large alignment, while .bss has a small alignment. The current
* link script is optimized for small alignment in .bss
*/
+#ifdef __clang__
+#pragma clang section bss=".nozi.mmu.l2"
+#endif
static uint8_t pgt_tables[PGT_CACHE_SIZE][PGT_SIZE]
- __aligned(PGT_SIZE) __section(".nozi.pgt_cache");
+ __aligned(PGT_SIZE)
+#ifndef __clang__
+ __section(".nozi.pgt_cache")
+#endif
+ ;
+#ifdef __clang__
+#pragma clang section bss=""
+#endif
size_t n;
for (n = 0; n < ARRAY_SIZE(pgt_tables); n++) {
diff --git a/core/kernel/thread.c b/core/kernel/thread.c
index d1f2f3823be7..8de124ae5357 100644
--- a/core/kernel/thread.c
+++ b/core/kernel/thread.c
@@ -38,13 +38,24 @@ struct thread_core_local thread_core_local[CFG_TEE_CORE_NB_CORE] __nex_bss;
name[stack_num][sizeof(name[stack_num]) / sizeof(uint32_t) - 1]
#endif
+#define DO_PRAGMA(x) _Pragma (#x)
+
+#ifdef __clang__
+#define DECLARE_STACK(name, num_stacks, stack_size, linkage) \
+DO_PRAGMA (clang section bss=".nozi_stack." #name) \
+linkage uint32_t name[num_stacks] \
+ [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \
+ STACK_ALIGNMENT) / sizeof(uint32_t)] \
+ __attribute__((aligned(STACK_ALIGNMENT))); \
+DO_PRAGMA(clang section bss="")
+#else
#define DECLARE_STACK(name, num_stacks, stack_size, linkage) \
linkage uint32_t name[num_stacks] \
[ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \
STACK_ALIGNMENT) / sizeof(uint32_t)] \
__attribute__((section(".nozi_stack." # name), \
aligned(STACK_ALIGNMENT)))
-
+#endif
#define GET_STACK(stack) ((vaddr_t)(stack) + STACK_SIZE(stack))
DECLARE_STACK(stack_tmp, CFG_TEE_CORE_NB_CORE, STACK_TMP_SIZE,

89
meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch
View File

@@ -1,89 +0,0 @@
From d0e32b6e202cde672c2b38dc568122a52be716b4 Mon Sep 17 00:00:00 2001
From: Jens Wiklander <jens.wiklander@linaro.org>
Date: Mon, 21 Nov 2022 18:17:33 +0100
Subject: [PATCH] core: arm: S-EL1 SPMC: boot ABI update
Updates the boot ABI for S-EL1 SPMC to align better with other SPMCs,
like Hafnium, but also with the non-FF-A configuration.
Register usage:
X0 - TOS FW config [1] address, if not NULL
X2 - System DTB, if not NULL
Adds check in the default get_aslr_seed() to see if the system DTB is
present before trying to read kaslr-seed from secure-chosen.
Note that this is an incompatible change and requires corresponding
change in TF-A ("feat(qemu): update abi between spmd and spmc") [2].
[1] A TF-A concept: TOS_FW_CONFIG - Trusted OS Firmware configuration
file. Used by Trusted OS (BL32), that is, OP-TEE in this case
Link: [2] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=25ae7ad1878244f78206cc7c91f7bdbd267331a1
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Upstream-Status: Backport [f1f431c7a92671b4fa397976d381cc5ad8adacc4]
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
---
core/arch/arm/kernel/boot.c | 8 +++++++-
core/arch/arm/kernel/entry_a64.S | 17 ++++++++---------
2 files changed, 15 insertions(+), 10 deletions(-)
diff --git a/core/arch/arm/kernel/boot.c b/core/arch/arm/kernel/boot.c
index dd34173e838d..e02c02b6097d 100644
--- a/core/arch/arm/kernel/boot.c
+++ b/core/arch/arm/kernel/boot.c
@@ -1502,11 +1502,17 @@ struct ns_entry_context *boot_core_hpen(void)
#if defined(CFG_DT)
unsigned long __weak get_aslr_seed(void *fdt)
{
- int rc = fdt_check_header(fdt);
+ int rc = 0;
const uint64_t *seed = NULL;
int offs = 0;
int len = 0;
+ if (!fdt) {
+ DMSG("No fdt");
+ goto err;
+ }
+
+ rc = fdt_check_header(fdt);
if (rc) {
DMSG("Bad fdt: %d", rc);
goto err;
diff --git a/core/arch/arm/kernel/entry_a64.S b/core/arch/arm/kernel/entry_a64.S
index 4c6e9d75ca45..047ae1f25cc9 100644
--- a/core/arch/arm/kernel/entry_a64.S
+++ b/core/arch/arm/kernel/entry_a64.S
@@ -143,21 +143,20 @@
.endm
FUNC _start , :
-#if defined(CFG_CORE_SEL1_SPMC)
/*
- * With OP-TEE as SPMC at S-EL1 the SPMD (SPD_spmd) in TF-A passes
- * the DTB in x0, pagaeble part in x1 and the rest of the registers
- * are unused
+ * If CFG_CORE_FFA is enabled, then x0 if non-NULL holds the TOS FW
+ * config [1] address, else x0 if non-NULL holds the pagable part
+ * address.
+ *
+ * [1] A TF-A concept: TOS_FW_CONFIG - Trusted OS Firmware
+ * configuration file. Used by Trusted OS (BL32), that is, OP-TEE
+ * here.
*/
- mov x19, x1 /* Save pagable part */
- mov x20, x0 /* Save DT address */
-#else
- mov x19, x0 /* Save pagable part address */
+ mov x19, x0
#if defined(CFG_DT_ADDR)
ldr x20, =CFG_DT_ADDR
#else
mov x20, x2 /* Save DT address */
-#endif
#endif
adr x0, reset_vect_table

247
meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0006-core-ffa-add-TOS_FW_CONFIG-handling.patch
View File

@@ -1,247 +0,0 @@
From 9da324001fd93e1b3d9bca076e4afddbb5cac289 Mon Sep 17 00:00:00 2001
From: Balint Dobszay <balint.dobszay@arm.com>
Date: Fri, 10 Feb 2023 11:07:27 +0100
Subject: [PATCH] core: ffa: add TOS_FW_CONFIG handling
At boot TF-A passes two DT addresses (HW_CONFIG and TOS_FW_CONFIG), but
currently only the HW_CONFIG address is saved, the other one is dropped.
This commit adds functionality to save the TOS_FW_CONFIG too, so we can
retrieve it later. This is necessary for the CFG_CORE_SEL1_SPMC use
case, because the SPMC manifest is passed in this DT.
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Upstream-Status: Backport [809fa817ae6331d98b55f7afaa3c20f8407822e4]
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
---
core/arch/arm/kernel/boot.c | 60 ++++++++++++++++++++++-
core/arch/arm/kernel/entry_a32.S | 3 +-
core/arch/arm/kernel/entry_a64.S | 13 ++++-
core/arch/arm/kernel/link_dummies_paged.c | 4 +-
core/arch/arm/kernel/secure_partition.c | 2 +-
core/include/kernel/boot.h | 7 ++-
6 files changed, 81 insertions(+), 8 deletions(-)
diff --git a/core/arch/arm/kernel/boot.c b/core/arch/arm/kernel/boot.c
index e02c02b6097d..98e13c072d8e 100644
--- a/core/arch/arm/kernel/boot.c
+++ b/core/arch/arm/kernel/boot.c
@@ -1,6 +1,7 @@
// SPDX-License-Identifier: BSD-2-Clause
/*
* Copyright (c) 2015-2022, Linaro Limited
+ * Copyright (c) 2023, Arm Limited
*/
#include <arm.h>
@@ -83,6 +84,9 @@ struct dt_descriptor {
};
static struct dt_descriptor external_dt __nex_bss;
+#ifdef CFG_CORE_SEL1_SPMC
+static struct dt_descriptor tos_fw_config_dt __nex_bss;
+#endif
#endif
#ifdef CFG_SECONDARY_INIT_CNTFRQ
@@ -1224,6 +1228,54 @@ static struct core_mmu_phys_mem *get_nsec_memory(void *fdt __unused,
#endif /*CFG_CORE_DYN_SHM*/
#endif /*!CFG_DT*/
+#if defined(CFG_CORE_SEL1_SPMC) && defined(CFG_DT)
+void *get_tos_fw_config_dt(void)
+{
+ if (!IS_ENABLED(CFG_MAP_EXT_DT_SECURE))
+ return NULL;
+
+ assert(cpu_mmu_enabled());
+
+ return tos_fw_config_dt.blob;
+}
+
+static void init_tos_fw_config_dt(unsigned long pa)
+{
+ struct dt_descriptor *dt = &tos_fw_config_dt;
+ void *fdt = NULL;
+ int ret = 0;
+
+ if (!IS_ENABLED(CFG_MAP_EXT_DT_SECURE))
+ return;
+
+ if (!pa)
+ panic("No TOS_FW_CONFIG DT found");
+
+ fdt = core_mmu_add_mapping(MEM_AREA_EXT_DT, pa, CFG_DTB_MAX_SIZE);
+ if (!fdt)
+ panic("Failed to map TOS_FW_CONFIG DT");
+
+ dt->blob = fdt;
+
+ ret = fdt_open_into(fdt, fdt, CFG_DTB_MAX_SIZE);
+ if (ret < 0) {
+ EMSG("Invalid Device Tree at %#lx: error %d", pa, ret);
+ panic();
+ }
+
+ IMSG("TOS_FW_CONFIG DT found");
+}
+#else
+void *get_tos_fw_config_dt(void)
+{
+ return NULL;
+}
+
+static void init_tos_fw_config_dt(unsigned long pa __unused)
+{
+}
+#endif /*CFG_CORE_SEL1_SPMC && CFG_DT*/
+
#ifdef CFG_CORE_DYN_SHM
static void discover_nsec_memory(void)
{
@@ -1361,10 +1413,16 @@ static bool cpu_nmfi_enabled(void)
* Note: this function is weak just to make it possible to exclude it from
* the unpaged area.
*/
-void __weak boot_init_primary_late(unsigned long fdt)
+void __weak boot_init_primary_late(unsigned long fdt,
+ unsigned long tos_fw_config)
{
init_external_dt(fdt);
+ init_tos_fw_config_dt(tos_fw_config);
+#ifdef CFG_CORE_SEL1_SPMC
+ tpm_map_log_area(get_tos_fw_config_dt());
+#else
tpm_map_log_area(get_external_dt());
+#endif
discover_nsec_memory();
update_external_dt();
configure_console_from_dt();
diff --git a/core/arch/arm/kernel/entry_a32.S b/core/arch/arm/kernel/entry_a32.S
index 0f14ca2f6ad9..3758fd8b7674 100644
--- a/core/arch/arm/kernel/entry_a32.S
+++ b/core/arch/arm/kernel/entry_a32.S
@@ -1,7 +1,7 @@
/* SPDX-License-Identifier: BSD-2-Clause */
/*
* Copyright (c) 2014, Linaro Limited
- * Copyright (c) 2021, Arm Limited
+ * Copyright (c) 2021-2023, Arm Limited
*/
#include <arm32_macros.S>
@@ -560,6 +560,7 @@ shadow_stack_access_ok:
str r0, [r8, #THREAD_CORE_LOCAL_FLAGS]
#endif
mov r0, r6 /* DT address */
+ mov r1, #0 /* unused */
bl boot_init_primary_late
#ifndef CFG_VIRTUALIZATION
mov r0, #THREAD_CLF_TMP
diff --git a/core/arch/arm/kernel/entry_a64.S b/core/arch/arm/kernel/entry_a64.S
index 047ae1f25cc9..fa76437fb73c 100644
--- a/core/arch/arm/kernel/entry_a64.S
+++ b/core/arch/arm/kernel/entry_a64.S
@@ -1,7 +1,7 @@
/* SPDX-License-Identifier: BSD-2-Clause */
/*
* Copyright (c) 2015-2022, Linaro Limited
- * Copyright (c) 2021, Arm Limited
+ * Copyright (c) 2021-2023, Arm Limited
*/
#include <platform_config.h>
@@ -320,7 +320,11 @@ clear_nex_bss:
bl core_mmu_set_default_prtn_tbl
#endif
+#ifdef CFG_CORE_SEL1_SPMC
+ mov x0, xzr /* pager not used */
+#else
mov x0, x19 /* pagable part address */
+#endif
mov x1, #-1
bl boot_init_primary_early
@@ -337,7 +341,12 @@ clear_nex_bss:
mov x22, x0
str wzr, [x22, #THREAD_CORE_LOCAL_FLAGS]
#endif
- mov x0, x20 /* DT address */
+ mov x0, x20 /* DT address also known as HW_CONFIG */
+#ifdef CFG_CORE_SEL1_SPMC
+ mov x1, x19 /* TOS_FW_CONFIG DT address */
+#else
+ mov x1, xzr /* unused */
+#endif
bl boot_init_primary_late
#ifdef CFG_CORE_PAUTH
init_pauth_per_cpu
diff --git a/core/arch/arm/kernel/link_dummies_paged.c b/core/arch/arm/kernel/link_dummies_paged.c
index 3b8287e06a11..023a5f3f558b 100644
--- a/core/arch/arm/kernel/link_dummies_paged.c
+++ b/core/arch/arm/kernel/link_dummies_paged.c
@@ -1,6 +1,7 @@
// SPDX-License-Identifier: BSD-2-Clause
/*
* Copyright (c) 2017-2021, Linaro Limited
+ * Copyright (c) 2023, Arm Limited
*/
#include <compiler.h>
#include <initcall.h>
@@ -27,7 +28,8 @@ void __section(".text.dummy.call_finalcalls") call_finalcalls(void)
}
void __section(".text.dummy.boot_init_primary_late")
-boot_init_primary_late(unsigned long fdt __unused)
+boot_init_primary_late(unsigned long fdt __unused,
+ unsigned long tos_fw_config __unused)
{
}
diff --git a/core/arch/arm/kernel/secure_partition.c b/core/arch/arm/kernel/secure_partition.c
index 1d36e90b1cf7..d386f1e4d211 100644
--- a/core/arch/arm/kernel/secure_partition.c
+++ b/core/arch/arm/kernel/secure_partition.c
@@ -1212,7 +1212,7 @@ static TEE_Result fip_sp_map_all(void)
int subnode = 0;
int root = 0;
- fdt = get_external_dt();
+ fdt = get_tos_fw_config_dt();
if (!fdt) {
EMSG("No SPMC manifest found");
return TEE_ERROR_GENERIC;
diff --git a/core/include/kernel/boot.h b/core/include/kernel/boot.h
index 260854473b8b..941e093b29a1 100644
--- a/core/include/kernel/boot.h
+++ b/core/include/kernel/boot.h
@@ -1,7 +1,7 @@
/* SPDX-License-Identifier: BSD-2-Clause */
/*
* Copyright (c) 2015-2020, Linaro Limited
- * Copyright (c) 2021, Arm Limited
+ * Copyright (c) 2021-2023, Arm Limited
*/
#ifndef __KERNEL_BOOT_H
#define __KERNEL_BOOT_H
@@ -46,7 +46,7 @@ extern const struct core_mmu_config boot_mmu_config;
/* @nsec_entry is unused if using CFG_WITH_ARM_TRUSTED_FW */
void boot_init_primary_early(unsigned long pageable_part,
unsigned long nsec_entry);
-void boot_init_primary_late(unsigned long fdt);
+void boot_init_primary_late(unsigned long fdt, unsigned long tos_fw_config);
void boot_init_memtag(void);
void __panic_at_smc_return(void) __noreturn;
@@ -103,6 +103,9 @@ void *get_embedded_dt(void);
/* Returns external DTB if present, otherwise NULL */
void *get_external_dt(void);
+/* Returns TOS_FW_CONFIG DTB if present, otherwise NULL */
+void *get_tos_fw_config_dt(void);
+
/*
* get_aslr_seed() - return a random seed for core ASLR
* @fdt: Pointer to a device tree if CFG_DT_ADDR=y

275
meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0007-core-spmc-handle-non-secure-interrupts.patch
View File

@@ -1,275 +0,0 @@
From 18ad0cce24addd45271edf3172ab9ce873186d7a Mon Sep 17 00:00:00 2001
From: Imre Kis <imre.kis@arm.com>
Date: Tue, 18 Apr 2023 16:41:51 +0200
Subject: [PATCH] core: spmc: handle non-secure interrupts
Add FFA_INTERRUPT and FFA_RUN support for signaling non-secure
interrupts and for resuming to the secure world. If a secure partition
is preempted by a non-secure interrupt OP-TEE saves the SP's state and
sends an FFA_INTERRUPT to the normal world. After handling the interrupt
the normal world should send an FFA_RUN to OP-TEE so it can continue
running the SP.
If OP-TEE is the active FF-A endpoint (i.e. it is running TAs) the
non-secure interrupts are signaled by the existing
OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT message instead of
FFA_INTERRUPT.
Upstream-Status: Submitted [https://github.com/OP-TEE/optee_os/pull/6002]
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I577ebe86d416ee494963216a66a3bfc8206921b4
---
core/arch/arm/include/ffa.h | 2 +-
.../arch/arm/include/kernel/spmc_sp_handler.h | 11 +++++++
core/arch/arm/kernel/secure_partition.c | 17 ++++++++++
core/arch/arm/kernel/spmc_sp_handler.c | 26 ++++++++++++++++
core/arch/arm/kernel/thread.c | 7 +++++
core/arch/arm/kernel/thread_spmc.c | 31 ++++++++++++++++++-
core/arch/arm/kernel/thread_spmc_a64.S | 30 ++++++++++++++++++
7 files changed, 122 insertions(+), 2 deletions(-)
diff --git a/core/arch/arm/include/ffa.h b/core/arch/arm/include/ffa.h
index 5a19fb0c7ff3..b3d1d354735d 100644
--- a/core/arch/arm/include/ffa.h
+++ b/core/arch/arm/include/ffa.h
@@ -50,7 +50,7 @@
#define FFA_ID_GET U(0x84000069)
#define FFA_MSG_WAIT U(0x8400006B)
#define FFA_MSG_YIELD U(0x8400006C)
-#define FFA_MSG_RUN U(0x8400006D)
+#define FFA_RUN U(0x8400006D)
#define FFA_MSG_SEND U(0x8400006E)
#define FFA_MSG_SEND_DIRECT_REQ_32 U(0x8400006F)
#define FFA_MSG_SEND_DIRECT_REQ_64 U(0xC400006F)
diff --git a/core/arch/arm/include/kernel/spmc_sp_handler.h b/core/arch/arm/include/kernel/spmc_sp_handler.h
index f5bda7bfe7d0..30c1e4691273 100644
--- a/core/arch/arm/include/kernel/spmc_sp_handler.h
+++ b/core/arch/arm/include/kernel/spmc_sp_handler.h
@@ -25,6 +25,8 @@ void spmc_sp_start_thread(struct thread_smc_args *args);
int spmc_sp_add_share(struct ffa_rxtx *rxtx,
size_t blen, uint64_t *global_handle,
struct sp_session *owner_sp);
+void spmc_sp_set_to_preempted(struct ts_session *ts_sess);
+int spmc_sp_resume_from_preempted(uint16_t endpoint_id);
#else
static inline void spmc_sp_start_thread(struct thread_smc_args *args __unused)
{
@@ -37,6 +39,15 @@ static inline int spmc_sp_add_share(struct ffa_rxtx *rxtx __unused,
{
return FFA_NOT_SUPPORTED;
}
+
+static inline void spmc_sp_set_to_preempted(struct ts_session *ts_sess __unused)
+{
+}
+
+static inline int spmc_sp_resume_from_preempted(uint16_t endpoint_id __unused)
+{
+ return FFA_NOT_SUPPORTED;
+}
#endif
#endif /* __KERNEL_SPMC_SP_HANDLER_H */
diff --git a/core/arch/arm/kernel/secure_partition.c b/core/arch/arm/kernel/secure_partition.c
index d386f1e4d211..740be6d22e47 100644
--- a/core/arch/arm/kernel/secure_partition.c
+++ b/core/arch/arm/kernel/secure_partition.c
@@ -999,6 +999,8 @@ static TEE_Result sp_enter_invoke_cmd(struct ts_session *s,
struct sp_session *sp_s = to_sp_session(s);
struct ts_session *sess = NULL;
struct thread_ctx_regs *sp_regs = NULL;
+ uint32_t thread_id = THREAD_ID_INVALID;
+ uint32_t rpc_target_info = 0;
uint32_t panicked = false;
uint32_t panic_code = 0;
@@ -1011,8 +1013,23 @@ static TEE_Result sp_enter_invoke_cmd(struct ts_session *s,
sp_regs->cpsr = read_daif() & (SPSR_64_DAIF_MASK << SPSR_64_DAIF_SHIFT);
exceptions = thread_mask_exceptions(THREAD_EXCP_ALL);
+
+ /*
+ * Store endpoint ID and thread ID in rpc_target_info. This will be used
+ * as w1 in FFA_INTERRUPT in case of a NWd interrupt.
+ */
+ rpc_target_info = thread_get_tsd()->rpc_target_info;
+ thread_id = thread_get_id();
+ assert((thread_id & ~0xffff) == 0);
+ thread_get_tsd()->rpc_target_info = (sp_s->endpoint_id << 16) |
+ (thread_id & 0xffff);
+
__thread_enter_user_mode(sp_regs, &panicked, &panic_code);
+
sp_regs->cpsr = cpsr;
+ /* Restore rpc_target_info */
+ thread_get_tsd()->rpc_target_info = rpc_target_info;
+
thread_unmask_exceptions(exceptions);
thread_user_clear_vfp(&ctx->uctx);
diff --git a/core/arch/arm/kernel/spmc_sp_handler.c b/core/arch/arm/kernel/spmc_sp_handler.c
index 46a15646ecf0..12681151a796 100644
--- a/core/arch/arm/kernel/spmc_sp_handler.c
+++ b/core/arch/arm/kernel/spmc_sp_handler.c
@@ -366,6 +366,32 @@ cleanup:
return res;
}
+void spmc_sp_set_to_preempted(struct ts_session *ts_sess)
+{
+ if (ts_sess && is_sp_ctx(ts_sess->ctx)) {
+ struct sp_session *sp_sess = to_sp_session(ts_sess);
+
+ assert(sp_sess->state == sp_busy);
+
+ sp_sess->state = sp_preempted;
+ }
+}
+
+int spmc_sp_resume_from_preempted(uint16_t endpoint_id)
+{
+ struct sp_session *sp_sess = sp_get_session(endpoint_id);
+
+ if (!sp_sess)
+ return FFA_INVALID_PARAMETERS;
+
+ if (sp_sess->state != sp_preempted)
+ return FFA_DENIED;
+
+ sp_sess->state = sp_busy;
+
+ return FFA_OK;
+}
+
static bool check_rxtx(struct ffa_rxtx *rxtx)
{
return rxtx && rxtx->rx && rxtx->tx && rxtx->size > 0;
diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c
index 1e7f9f96b558..8cd4dc961b02 100644
--- a/core/arch/arm/kernel/thread.c
+++ b/core/arch/arm/kernel/thread.c
@@ -531,6 +531,13 @@ int thread_state_suspend(uint32_t flags, uint32_t cpsr, vaddr_t pc)
core_mmu_set_user_map(NULL);
}
+ if (IS_ENABLED(CFG_SECURE_PARTITION)) {
+ struct ts_session *ts_sess =
+ TAILQ_FIRST(&threads[ct].tsd.sess_stack);
+
+ spmc_sp_set_to_preempted(ts_sess);
+ }
+
l->curr_thread = THREAD_ID_INVALID;
if (IS_ENABLED(CFG_VIRTUALIZATION))
diff --git a/core/arch/arm/kernel/thread_spmc.c b/core/arch/arm/kernel/thread_spmc.c
index 3b4ac0b4e35c..bc4e7687d618 100644
--- a/core/arch/arm/kernel/thread_spmc.c
+++ b/core/arch/arm/kernel/thread_spmc.c
@@ -45,7 +45,7 @@ struct mem_frag_state {
#endif
/* Initialized in spmc_init() below */
-static uint16_t my_endpoint_id;
+uint16_t my_endpoint_id;
/*
* If struct ffa_rxtx::size is 0 RX/TX buffers are not mapped or initialized.
@@ -437,6 +437,32 @@ out:
FFA_PARAM_MBZ, FFA_PARAM_MBZ);
cpu_spin_unlock(&rxtx->spinlock);
}
+
+static void spmc_handle_run(struct thread_smc_args *args)
+{
+ uint16_t endpoint = (args->a1 >> 16) & 0xffff;
+ uint16_t thread_id = (args->a1 & 0xffff);
+ uint32_t rc = 0;
+
+ if (endpoint != my_endpoint_id) {
+ /*
+ * The endpoint should be an SP, try to resume the SP from
+ * preempted into busy state.
+ */
+ rc = spmc_sp_resume_from_preempted(endpoint);
+ if (rc)
+ goto out;
+ }
+
+ thread_resume_from_rpc(thread_id, 0, 0, 0, 0);
+
+ /* thread_resume_from_rpc return only of the thread_id is invalid */
+ rc = FFA_INVALID_PARAMETERS;
+
+out:
+ spmc_set_args(args, FFA_ERROR, FFA_PARAM_MBZ, rc, FFA_PARAM_MBZ,
+ FFA_PARAM_MBZ, FFA_PARAM_MBZ);
+}
#endif /*CFG_CORE_SEL1_SPMC*/
static void handle_yielding_call(struct thread_smc_args *args)
@@ -970,6 +996,9 @@ void thread_spmc_msg_recv(struct thread_smc_args *args)
case FFA_PARTITION_INFO_GET:
spmc_handle_partition_info_get(args, &nw_rxtx);
break;
+ case FFA_RUN:
+ spmc_handle_run(args);
+ break;
#endif /*CFG_CORE_SEL1_SPMC*/
case FFA_INTERRUPT:
itr_core_handler();
diff --git a/core/arch/arm/kernel/thread_spmc_a64.S b/core/arch/arm/kernel/thread_spmc_a64.S
index 21cb62513a42..7297005a6038 100644
--- a/core/arch/arm/kernel/thread_spmc_a64.S
+++ b/core/arch/arm/kernel/thread_spmc_a64.S
@@ -14,6 +14,20 @@
#include <kernel/thread.h>
#include <optee_ffa.h>
+#if CFG_SECURE_PARTITION
+LOCAL_FUNC thread_ffa_interrupt , :
+ mov_imm x0, FFA_INTERRUPT /* FID */
+ /* X1: Endpoint/vCPU IDs is set by caller */
+ mov x2, #FFA_PARAM_MBZ /* Param MBZ */
+ mov x3, #FFA_PARAM_MBZ /* Param MBZ */
+ mov x4, #FFA_PARAM_MBZ /* Param MBZ */
+ mov x5, #FFA_PARAM_MBZ /* Param MBZ */
+ mov x6, #FFA_PARAM_MBZ /* Param MBZ */
+ mov x7, #FFA_PARAM_MBZ /* Param MBZ */
+ b .ffa_msg_loop
+END_FUNC thread_ffa_msg_wait
+#endif /* CFG_SECURE_PARTITION */
+
FUNC thread_ffa_msg_wait , :
mov_imm x0, FFA_MSG_WAIT /* FID */
mov x1, #FFA_TARGET_INFO_MBZ /* Target info MBZ */
@@ -171,6 +185,14 @@ END_FUNC thread_rpc
* The current thread as indicated by @thread_index has just been
* suspended. The job here is just to inform normal world the thread id to
* resume when returning.
+ * If the active FF-A endpoint is OP-TEE (or a TA) then an this function send an
+ * OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT message to the normal world via the
+ * FFA_MSG_SEND_DIRECT_RESP interface. This is handled by the OP-TEE
+ * driver in Linux so it can schedule task to the thread.
+ * If the active endpoint is an SP the function sends an FFA_INTERRUPT. This is
+ * handled by the FF-A driver and after taking care of the NWd interrupts it
+ * returns via an FFA_RUN call.
+ * The active endpoint is determined by the upper 16 bits of rpc_target_info.
*/
FUNC thread_foreign_intr_exit , :
/* load threads[w0].tsd.rpc_target_info into w1 */
@@ -178,6 +200,14 @@ FUNC thread_foreign_intr_exit , :
adr_l x2, threads
madd x1, x1, x0, x2
ldr w1, [x1, #THREAD_CTX_TSD_RPC_TARGET_INFO]
+#if CFG_SECURE_PARTITION
+ adr_l x2, my_endpoint_id
+ ldrh w2, [x2]
+ lsr w3, w1, #16
+ cmp w2, w3
+ /* (threads[w0].tsd.rpc_target_info >> 16) != my_endpoint_id */
+ bne thread_ffa_interrupt
+#endif /* CFG_SECURE_PARTITION */
mov x2, #FFA_PARAM_MBZ
mov w3, #FFA_PARAM_MBZ
mov w4, #OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT

148
meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0008-core-spmc-configure-SP-s-NS-interrupt-action-based-o.patch
View File

@@ -1,148 +0,0 @@
From e7835c526aabd8e5b6db335619a0d86165c587ed Mon Sep 17 00:00:00 2001
From: Imre Kis <imre.kis@arm.com>
Date: Tue, 25 Apr 2023 14:19:14 +0200
Subject: [PATCH] core: spmc: configure SP's NS interrupt action based on the
manifest
Used mandatory ns-interrupts-action SP manifest property to configure
signaled or queued non-secure interrupt handling.
Upstream-Status: Submitted [https://github.com/OP-TEE/optee_os/pull/6002]
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I843e69e5dbb9613ecd8b95654e8ca1730a594ca6
---
.../arm/include/kernel/secure_partition.h | 2 +
core/arch/arm/kernel/secure_partition.c | 66 +++++++++++++++++--
2 files changed, 63 insertions(+), 5 deletions(-)
diff --git a/core/arch/arm/include/kernel/secure_partition.h b/core/arch/arm/include/kernel/secure_partition.h
index 24b0a8cc07d2..51f6b697e5eb 100644
--- a/core/arch/arm/include/kernel/secure_partition.h
+++ b/core/arch/arm/include/kernel/secure_partition.h
@@ -43,6 +43,8 @@ struct sp_session {
unsigned int spinlock;
const void *fdt;
bool is_initialized;
+ uint32_t ns_interrupts_action;
+ uint32_t ns_interrupts_action_inherited;
TAILQ_ENTRY(sp_session) link;
};
diff --git a/core/arch/arm/kernel/secure_partition.c b/core/arch/arm/kernel/secure_partition.c
index 740be6d22e47..b644e1c72e6a 100644
--- a/core/arch/arm/kernel/secure_partition.c
+++ b/core/arch/arm/kernel/secure_partition.c
@@ -46,6 +46,10 @@
SP_MANIFEST_ATTR_WRITE | \
SP_MANIFEST_ATTR_EXEC)
+#define SP_MANIFEST_NS_INT_QUEUED (0x0)
+#define SP_MANIFEST_NS_INT_MANAGED_EXIT (0x1)
+#define SP_MANIFEST_NS_INT_SIGNALED (0x2)
+
#define SP_PKG_HEADER_MAGIC (0x474b5053)
#define SP_PKG_HEADER_VERSION_V1 (0x1)
#define SP_PKG_HEADER_VERSION_V2 (0x2)
@@ -907,6 +911,30 @@ static TEE_Result sp_init_uuid(const TEE_UUID *uuid, const void * const fdt)
return res;
DMSG("endpoint is 0x%"PRIx16, sess->endpoint_id);
+ res = sp_dt_get_u32(fdt, 0, "ns-interrupts-action",
+ &sess->ns_interrupts_action);
+
+ if (res) {
+ EMSG("Mandatory property is missing: ns-interrupts-action");
+ return res;
+ }
+
+ switch (sess->ns_interrupts_action) {
+ case SP_MANIFEST_NS_INT_QUEUED:
+ case SP_MANIFEST_NS_INT_SIGNALED:
+ /* OK */
+ break;
+
+ case SP_MANIFEST_NS_INT_MANAGED_EXIT:
+ EMSG("Managed exit is not implemented");
+ return TEE_ERROR_NOT_IMPLEMENTED;
+
+ default:
+ EMSG("Invalid ns-interrupts-action value: %d",
+ sess->ns_interrupts_action);
+ return TEE_ERROR_BAD_PARAMETERS;
+ }
+
return TEE_SUCCESS;
}
@@ -989,17 +1017,45 @@ TEE_Result sp_enter(struct thread_smc_args *args, struct sp_session *sp)
return res;
}
+/*
+ * According to FF-A v1.1 section 8.3.1.4 if a caller requires less permissive
+ * active on NS interrupt than the callee, the callee must inherit the caller's
+ * configuration.
+ * Each SP's own NS action setting is stored in ns_interrupts_action. The
+ * effective action will be MIN([self action], [caller's action]) which is
+ * stored in the ns_interrupts_action_inherited field.
+ */
+static void sp_cpsr_configure_foreing_interrupts(struct sp_session *s,
+ struct ts_session *caller,
+ uint64_t *cpsr)
+{
+ if (caller) {
+ struct sp_session *caller_sp = to_sp_session(caller);
+
+ s->ns_interrupts_action_inherited =
+ MIN(caller_sp->ns_interrupts_action_inherited,
+ s->ns_interrupts_action);
+ } else {
+ s->ns_interrupts_action_inherited = s->ns_interrupts_action;
+ }
+
+ if (s->ns_interrupts_action_inherited == SP_MANIFEST_NS_INT_QUEUED)
+ *cpsr |= (THREAD_EXCP_FOREIGN_INTR << ARM32_CPSR_F_SHIFT);
+ else
+ *cpsr &= ~(THREAD_EXCP_FOREIGN_INTR << ARM32_CPSR_F_SHIFT);
+}
+
static TEE_Result sp_enter_invoke_cmd(struct ts_session *s,
uint32_t cmd __unused)
{
struct sp_ctx *ctx = to_sp_ctx(s->ctx);
TEE_Result res = TEE_SUCCESS;
uint32_t exceptions = 0;
- uint64_t cpsr = 0;
struct sp_session *sp_s = to_sp_session(s);
struct ts_session *sess = NULL;
struct thread_ctx_regs *sp_regs = NULL;
uint32_t thread_id = THREAD_ID_INVALID;
+ struct ts_session *caller = NULL;
uint32_t rpc_target_info = 0;
uint32_t panicked = false;
uint32_t panic_code = 0;
@@ -1009,11 +1065,12 @@ static TEE_Result sp_enter_invoke_cmd(struct ts_session *s,
sp_regs = &ctx->sp_regs;
ts_push_current_session(s);
- cpsr = sp_regs->cpsr;
- sp_regs->cpsr = read_daif() & (SPSR_64_DAIF_MASK << SPSR_64_DAIF_SHIFT);
-
exceptions = thread_mask_exceptions(THREAD_EXCP_ALL);
+ /* Enable/disable foreign interrupts in CPSR/SPSR */
+ caller = ts_get_calling_session();
+ sp_cpsr_configure_foreing_interrupts(sp_s, caller, &sp_regs->cpsr);
+
/*
* Store endpoint ID and thread ID in rpc_target_info. This will be used
* as w1 in FFA_INTERRUPT in case of a NWd interrupt.
@@ -1026,7 +1083,6 @@ static TEE_Result sp_enter_invoke_cmd(struct ts_session *s,
__thread_enter_user_mode(sp_regs, &panicked, &panic_code);
- sp_regs->cpsr = cpsr;
/* Restore rpc_target_info */
thread_get_tsd()->rpc_target_info = rpc_target_info;

634
meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/CVE-2023-41325.patch
View File

@@ -1,634 +0,0 @@
From 800627f054959aac0dd3527495ee3fad0137600a Mon Sep 17 00:00:00 2001
From: Jihwan Park <jihwp@amazon.com>
Date: Mon, 3 Jul 2023 08:51:47 +0200
Subject: [PATCH] core: crypto_bignum_free(): add indirection and set pointer
to NULL
To prevent human mistake, crypto_bignum_free() sets the location of the
bignum pointer to NULL after freeing it.
Signed-off-by: Jihwan Park <jihwp@amazon.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
CVE: CVE-2023-41325
Upstream-Status: Backport
Signed-off-by: Ross Burton <ross.burton@arm.com>
---
core/crypto/crypto.c | 4 +--
core/drivers/crypto/caam/acipher/caam_dh.c | 8 ++---
core/drivers/crypto/caam/acipher/caam_dsa.c | 14 ++++----
core/drivers/crypto/caam/acipher/caam_ecc.c | 10 +++---
core/drivers/crypto/caam/acipher/caam_rsa.c | 24 ++++++-------
core/drivers/crypto/se050/core/ecc.c | 14 ++++----
core/drivers/crypto/se050/core/rsa.c | 38 ++++++++++-----------
core/drivers/crypto/versal/ecc.c | 6 ++--
core/include/crypto/crypto.h | 2 +-
core/lib/libtomcrypt/dh.c | 8 ++---
core/lib/libtomcrypt/dsa.c | 14 ++++----
core/lib/libtomcrypt/ecc.c | 10 +++---
core/lib/libtomcrypt/mpi_desc.c | 9 +++--
core/lib/libtomcrypt/rsa.c | 22 ++++++------
core/tee/tee_svc_cryp.c | 7 ++--
lib/libmbedtls/core/bignum.c | 9 +++--
lib/libmbedtls/core/dh.c | 8 ++---
lib/libmbedtls/core/ecc.c | 10 +++---
lib/libmbedtls/core/rsa.c | 22 ++++++------
19 files changed, 122 insertions(+), 117 deletions(-)
diff --git a/core/crypto/crypto.c b/core/crypto/crypto.c
index 9f7d35097..60cb89a31 100644
--- a/core/crypto/crypto.c
+++ b/core/crypto/crypto.c
@@ -498,9 +498,9 @@ void crypto_bignum_copy(struct bignum *to __unused,
bignum_cant_happen();
}
-void crypto_bignum_free(struct bignum *a)
+void crypto_bignum_free(struct bignum **a)
{
- if (a)
+ if (a && *a)
panic();
}
diff --git a/core/drivers/crypto/caam/acipher/caam_dh.c b/core/drivers/crypto/caam/acipher/caam_dh.c
index 6131ff0ef..35fc44541 100644
--- a/core/drivers/crypto/caam/acipher/caam_dh.c
+++ b/core/drivers/crypto/caam/acipher/caam_dh.c
@@ -195,10 +195,10 @@ static TEE_Result do_allocate_keypair(struct dh_keypair *key, size_t size_bits)
err:
DH_TRACE("Allocation error");
- crypto_bignum_free(key->g);
- crypto_bignum_free(key->p);
- crypto_bignum_free(key->x);
- crypto_bignum_free(key->y);
+ crypto_bignum_free(&key->g);
+ crypto_bignum_free(&key->p);
+ crypto_bignum_free(&key->x);
+ crypto_bignum_free(&key->y);
return TEE_ERROR_OUT_OF_MEMORY;
}
diff --git a/core/drivers/crypto/caam/acipher/caam_dsa.c b/core/drivers/crypto/caam/acipher/caam_dsa.c
index 2696f0b3c..d60bb8e89 100644
--- a/core/drivers/crypto/caam/acipher/caam_dsa.c
+++ b/core/drivers/crypto/caam/acipher/caam_dsa.c
@@ -309,10 +309,10 @@ static TEE_Result do_allocate_keypair(struct dsa_keypair *key, size_t l_bits,
err:
DSA_TRACE("Allocation error");
- crypto_bignum_free(key->g);
- crypto_bignum_free(key->p);
- crypto_bignum_free(key->q);
- crypto_bignum_free(key->x);
+ crypto_bignum_free(&key->g);
+ crypto_bignum_free(&key->p);
+ crypto_bignum_free(&key->q);
+ crypto_bignum_free(&key->x);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -358,9 +358,9 @@ static TEE_Result do_allocate_publickey(struct dsa_public_key *key,
err:
DSA_TRACE("Allocation error");
- crypto_bignum_free(key->g);
- crypto_bignum_free(key->p);
- crypto_bignum_free(key->q);
+ crypto_bignum_free(&key->g);
+ crypto_bignum_free(&key->p);
+ crypto_bignum_free(&key->q);
return TEE_ERROR_OUT_OF_MEMORY;
}
diff --git a/core/drivers/crypto/caam/acipher/caam_ecc.c b/core/drivers/crypto/caam/acipher/caam_ecc.c
index 90e87c20a..6b12b6cbe 100644
--- a/core/drivers/crypto/caam/acipher/caam_ecc.c
+++ b/core/drivers/crypto/caam/acipher/caam_ecc.c
@@ -169,8 +169,8 @@ static TEE_Result do_allocate_keypair(struct ecc_keypair *key, size_t size_bits)
err:
ECC_TRACE("Allocation error");
- crypto_bignum_free(key->d);
- crypto_bignum_free(key->x);
+ crypto_bignum_free(&key->d);
+ crypto_bignum_free(&key->x);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -204,7 +204,7 @@ static TEE_Result do_allocate_publickey(struct ecc_public_key *key,
err:
ECC_TRACE("Allocation error");
- crypto_bignum_free(key->x);
+ crypto_bignum_free(&key->x);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -216,8 +216,8 @@ err:
*/
static void do_free_publickey(struct ecc_public_key *key)
{
- crypto_bignum_free(key->x);
- crypto_bignum_free(key->y);
+ crypto_bignum_free(&key->x);
+ crypto_bignum_free(&key->y);
}
/*
diff --git a/core/drivers/crypto/caam/acipher/caam_rsa.c b/core/drivers/crypto/caam/acipher/caam_rsa.c
index e860c641c..b59ab0b6e 100644
--- a/core/drivers/crypto/caam/acipher/caam_rsa.c
+++ b/core/drivers/crypto/caam/acipher/caam_rsa.c
@@ -86,14 +86,14 @@ static uint8_t caam_era;
*/
static void do_free_keypair(struct rsa_keypair *key)
{
- crypto_bignum_free(key->e);
- crypto_bignum_free(key->d);
- crypto_bignum_free(key->n);
- crypto_bignum_free(key->p);
- crypto_bignum_free(key->q);
- crypto_bignum_free(key->qp);
- crypto_bignum_free(key->dp);
- crypto_bignum_free(key->dq);
+ crypto_bignum_free(&key->e);
+ crypto_bignum_free(&key->d);
+ crypto_bignum_free(&key->n);
+ crypto_bignum_free(&key->p);
+ crypto_bignum_free(&key->q);
+ crypto_bignum_free(&key->qp);
+ crypto_bignum_free(&key->dp);
+ crypto_bignum_free(&key->dq);
}
/*
@@ -435,8 +435,8 @@ static TEE_Result do_allocate_publickey(struct rsa_public_key *key,
err_alloc_publickey:
RSA_TRACE("Allocation error");
- crypto_bignum_free(key->e);
- crypto_bignum_free(key->n);
+ crypto_bignum_free(&key->e);
+ crypto_bignum_free(&key->n);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -448,8 +448,8 @@ err_alloc_publickey:
*/
static void do_free_publickey(struct rsa_public_key *key)
{
- crypto_bignum_free(key->e);
- crypto_bignum_free(key->n);
+ crypto_bignum_free(&key->e);
+ crypto_bignum_free(&key->n);
}
/*
diff --git a/core/drivers/crypto/se050/core/ecc.c b/core/drivers/crypto/se050/core/ecc.c
index d74334760..52f82c69d 100644
--- a/core/drivers/crypto/se050/core/ecc.c
+++ b/core/drivers/crypto/se050/core/ecc.c
@@ -752,9 +752,9 @@ static TEE_Result do_alloc_keypair(struct ecc_keypair *s,
goto err;
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->d);
- crypto_bignum_free(s->x);
- crypto_bignum_free(s->y);
+ crypto_bignum_free(&s->d);
+ crypto_bignum_free(&s->x);
+ crypto_bignum_free(&s->y);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -768,8 +768,8 @@ static TEE_Result do_alloc_publickey(struct ecc_public_key *s,
goto err;
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->x);
- crypto_bignum_free(s->y);
+ crypto_bignum_free(&s->x);
+ crypto_bignum_free(&s->y);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -778,8 +778,8 @@ static void do_free_publickey(struct ecc_public_key *s)
if (!s)
return;
- crypto_bignum_free(s->x);
- crypto_bignum_free(s->y);
+ crypto_bignum_free(&s->x);
+ crypto_bignum_free(&s->y);
}
static struct drvcrypt_ecc driver_ecc = {
diff --git a/core/drivers/crypto/se050/core/rsa.c b/core/drivers/crypto/se050/core/rsa.c
index 815abb3cd..475d2b99a 100644
--- a/core/drivers/crypto/se050/core/rsa.c
+++ b/core/drivers/crypto/se050/core/rsa.c
@@ -537,14 +537,14 @@ static TEE_Result do_alloc_keypair(struct rsa_keypair *s,
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->e);
- crypto_bignum_free(s->d);
- crypto_bignum_free(s->n);
- crypto_bignum_free(s->p);
- crypto_bignum_free(s->q);
- crypto_bignum_free(s->qp);
- crypto_bignum_free(s->dp);
- crypto_bignum_free(s->dq);
+ crypto_bignum_free(&s->e);
+ crypto_bignum_free(&s->d);
+ crypto_bignum_free(&s->n);
+ crypto_bignum_free(&s->p);
+ crypto_bignum_free(&s->q);
+ crypto_bignum_free(&s->qp);
+ crypto_bignum_free(&s->dp);
+ crypto_bignum_free(&s->dq);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -556,7 +556,7 @@ static TEE_Result do_alloc_publickey(struct rsa_public_key *s,
if (!bn_alloc_max(&s->e))
return TEE_ERROR_OUT_OF_MEMORY;
if (!bn_alloc_max(&s->n)) {
- crypto_bignum_free(s->e);
+ crypto_bignum_free(&s->e);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -566,8 +566,8 @@ static TEE_Result do_alloc_publickey(struct rsa_public_key *s,
static void do_free_publickey(struct rsa_public_key *s)
{
if (s) {
- crypto_bignum_free(s->n);
- crypto_bignum_free(s->e);
+ crypto_bignum_free(&s->n);
+ crypto_bignum_free(&s->e);
}
}
@@ -587,14 +587,14 @@ static void do_free_keypair(struct rsa_keypair *s)
sss_se05x_key_store_erase_key(se050_kstore, &k_object);
}
- crypto_bignum_free(s->e);
- crypto_bignum_free(s->d);
- crypto_bignum_free(s->n);
- crypto_bignum_free(s->p);
- crypto_bignum_free(s->q);
- crypto_bignum_free(s->qp);
- crypto_bignum_free(s->dp);
- crypto_bignum_free(s->dq);
+ crypto_bignum_free(&s->e);
+ crypto_bignum_free(&s->d);
+ crypto_bignum_free(&s->n);
+ crypto_bignum_free(&s->p);
+ crypto_bignum_free(&s->q);
+ crypto_bignum_free(&s->qp);
+ crypto_bignum_free(&s->dp);
+ crypto_bignum_free(&s->dq);
}
static TEE_Result do_gen_keypair(struct rsa_keypair *key, size_t kb)
diff --git a/core/drivers/crypto/versal/ecc.c b/core/drivers/crypto/versal/ecc.c
index 3d5454509..18ec4f78d 100644
--- a/core/drivers/crypto/versal/ecc.c
+++ b/core/drivers/crypto/versal/ecc.c
@@ -284,9 +284,9 @@ static TEE_Result sign(uint32_t algo, struct ecc_keypair *key,
versal_mbox_alloc(bytes, NULL, &k);
crypto_bignum_bn2bin_eswap(key->curve, ephemeral.d, k.buf);
- crypto_bignum_free(ephemeral.d);
- crypto_bignum_free(ephemeral.x);
- crypto_bignum_free(ephemeral.y);
+ crypto_bignum_free(&ephemeral.d);
+ crypto_bignum_free(&ephemeral.x);
+ crypto_bignum_free(&ephemeral.y);
/* Private key*/
versal_mbox_alloc(bytes, NULL, &d);
diff --git a/core/include/crypto/crypto.h b/core/include/crypto/crypto.h
index 71a287ec6..0e6c139ce 100644
--- a/core/include/crypto/crypto.h
+++ b/core/include/crypto/crypto.h
@@ -98,7 +98,7 @@ size_t crypto_bignum_num_bytes(struct bignum *a);
size_t crypto_bignum_num_bits(struct bignum *a);
void crypto_bignum_bn2bin(const struct bignum *from, uint8_t *to);
void crypto_bignum_copy(struct bignum *to, const struct bignum *from);
-void crypto_bignum_free(struct bignum *a);
+void crypto_bignum_free(struct bignum **a);
void crypto_bignum_clear(struct bignum *a);
/* return -1 if a<b, 0 if a==b, +1 if a>b */
diff --git a/core/lib/libtomcrypt/dh.c b/core/lib/libtomcrypt/dh.c
index 4eb9916f2..b1d0a4d00 100644
--- a/core/lib/libtomcrypt/dh.c
+++ b/core/lib/libtomcrypt/dh.c
@@ -28,10 +28,10 @@ TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s,
goto err;
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->g);
- crypto_bignum_free(s->p);
- crypto_bignum_free(s->y);
- crypto_bignum_free(s->x);
+ crypto_bignum_free(&s->g);
+ crypto_bignum_free(&s->p);
+ crypto_bignum_free(&s->y);
+ crypto_bignum_free(&s->x);
return TEE_ERROR_OUT_OF_MEMORY;
}
diff --git a/core/lib/libtomcrypt/dsa.c b/core/lib/libtomcrypt/dsa.c
index a2dc720ed..d6243c469 100644
--- a/core/lib/libtomcrypt/dsa.c
+++ b/core/lib/libtomcrypt/dsa.c
@@ -30,10 +30,10 @@ TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s,
goto err;
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->g);
- crypto_bignum_free(s->p);
- crypto_bignum_free(s->q);
- crypto_bignum_free(s->y);
+ crypto_bignum_free(&s->g);
+ crypto_bignum_free(&s->p);
+ crypto_bignum_free(&s->q);
+ crypto_bignum_free(&s->y);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -52,9 +52,9 @@ TEE_Result crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s,
goto err;
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->g);
- crypto_bignum_free(s->p);
- crypto_bignum_free(s->q);
+ crypto_bignum_free(&s->g);
+ crypto_bignum_free(&s->p);
+ crypto_bignum_free(&s->q);
return TEE_ERROR_OUT_OF_MEMORY;
}
diff --git a/core/lib/libtomcrypt/ecc.c b/core/lib/libtomcrypt/ecc.c
index 938378247..fa645e17a 100644
--- a/core/lib/libtomcrypt/ecc.c
+++ b/core/lib/libtomcrypt/ecc.c
@@ -18,8 +18,8 @@ static void _ltc_ecc_free_public_key(struct ecc_public_key *s)
if (!s)
return;
- crypto_bignum_free(s->x);
- crypto_bignum_free(s->y);
+ crypto_bignum_free(&s->x);
+ crypto_bignum_free(&s->y);
}
/*
@@ -465,8 +465,8 @@ TEE_Result crypto_asym_alloc_ecc_keypair(struct ecc_keypair *s,
err:
s->ops = NULL;
- crypto_bignum_free(s->d);
- crypto_bignum_free(s->x);
+ crypto_bignum_free(&s->d);
+ crypto_bignum_free(&s->x);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -541,7 +541,7 @@ TEE_Result crypto_asym_alloc_ecc_public_key(struct ecc_public_key *s,
err:
s->ops = NULL;
- crypto_bignum_free(s->x);
+ crypto_bignum_free(&s->x);
return TEE_ERROR_OUT_OF_MEMORY;
}
diff --git a/core/lib/libtomcrypt/mpi_desc.c b/core/lib/libtomcrypt/mpi_desc.c
index 235fbe630..ff8dd13c7 100644
--- a/core/lib/libtomcrypt/mpi_desc.c
+++ b/core/lib/libtomcrypt/mpi_desc.c
@@ -763,10 +763,13 @@ struct bignum *crypto_bignum_allocate(size_t size_bits)
return (struct bignum *)bn;
}
-void crypto_bignum_free(struct bignum *s)
+void crypto_bignum_free(struct bignum **s)
{
- mbedtls_mpi_free((mbedtls_mpi *)s);
- free(s);
+ assert(s);
+
+ mbedtls_mpi_free((mbedtls_mpi *)*s);
+ free(*s);
+ *s = NULL;
}
void crypto_bignum_clear(struct bignum *s)
diff --git a/core/lib/libtomcrypt/rsa.c b/core/lib/libtomcrypt/rsa.c
index 8d0443f36..13ed23934 100644
--- a/core/lib/libtomcrypt/rsa.c
+++ b/core/lib/libtomcrypt/rsa.c
@@ -131,7 +131,7 @@ TEE_Result sw_crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s,
goto err;
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->e);
+ crypto_bignum_free(&s->e);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -143,8 +143,8 @@ void sw_crypto_acipher_free_rsa_public_key(struct rsa_public_key *s)
{
if (!s)
return;
- crypto_bignum_free(s->n);
- crypto_bignum_free(s->e);
+ crypto_bignum_free(&s->n);
+ crypto_bignum_free(&s->e);
}
@@ -155,14 +155,14 @@ void sw_crypto_acipher_free_rsa_keypair(struct rsa_keypair *s)
{
if (!s)
return;
- crypto_bignum_free(s->e);
- crypto_bignum_free(s->d);
- crypto_bignum_free(s->n);
- crypto_bignum_free(s->p);
- crypto_bignum_free(s->q);
- crypto_bignum_free(s->qp);
- crypto_bignum_free(s->dp);
- crypto_bignum_free(s->dq);
+ crypto_bignum_free(&s->e);
+ crypto_bignum_free(&s->d);
+ crypto_bignum_free(&s->n);
+ crypto_bignum_free(&s->p);
+ crypto_bignum_free(&s->q);
+ crypto_bignum_free(&s->qp);
+ crypto_bignum_free(&s->dp);
+ crypto_bignum_free(&s->dq);
}
TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key,
diff --git a/core/tee/tee_svc_cryp.c b/core/tee/tee_svc_cryp.c
index 534e5ac39..880809753 100644
--- a/core/tee/tee_svc_cryp.c
+++ b/core/tee/tee_svc_cryp.c
@@ -869,8 +869,7 @@ static void op_attr_bignum_free(void *attr)
{
struct bignum **bn = attr;
- crypto_bignum_free(*bn);
- *bn = NULL;
+ crypto_bignum_free(bn);
}
static TEE_Result op_attr_value_from_user(void *attr, const void *buffer,
@@ -3445,8 +3444,8 @@ TEE_Result syscall_cryp_derive_key(unsigned long state,
} else {
res = TEE_ERROR_OUT_OF_MEMORY;
}
- crypto_bignum_free(pub);
- crypto_bignum_free(ss);
+ crypto_bignum_free(&pub);
+ crypto_bignum_free(&ss);
} else if (TEE_ALG_GET_MAIN_ALG(cs->algo) == TEE_MAIN_ALGO_ECDH) {
struct ecc_public_key key_public;
uint8_t *pt_secret;
diff --git a/lib/libmbedtls/core/bignum.c b/lib/libmbedtls/core/bignum.c
index 61f6c5c60..dea30f61a 100644
--- a/lib/libmbedtls/core/bignum.c
+++ b/lib/libmbedtls/core/bignum.c
@@ -87,10 +87,13 @@ struct bignum *crypto_bignum_allocate(size_t size_bits)
return (struct bignum *)bn;
}
-void crypto_bignum_free(struct bignum *s)
+void crypto_bignum_free(struct bignum **s)
{
- mbedtls_mpi_free((mbedtls_mpi *)s);
- free(s);
+ assert(s);
+
+ mbedtls_mpi_free((mbedtls_mpi *)*s);
+ free(*s);
+ *s = NULL;
}
void crypto_bignum_clear(struct bignum *s)
diff --git a/lib/libmbedtls/core/dh.c b/lib/libmbedtls/core/dh.c
index b3415aaa7..e95aa1495 100644
--- a/lib/libmbedtls/core/dh.c
+++ b/lib/libmbedtls/core/dh.c
@@ -35,10 +35,10 @@ TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s,
goto err;
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->g);
- crypto_bignum_free(s->p);
- crypto_bignum_free(s->y);
- crypto_bignum_free(s->x);
+ crypto_bignum_free(&s->g);
+ crypto_bignum_free(&s->p);
+ crypto_bignum_free(&s->y);
+ crypto_bignum_free(&s->x);
return TEE_ERROR_OUT_OF_MEMORY;
}
diff --git a/lib/libmbedtls/core/ecc.c b/lib/libmbedtls/core/ecc.c
index fd4a51b9d..46cd9fd1c 100644
--- a/lib/libmbedtls/core/ecc.c
+++ b/lib/libmbedtls/core/ecc.c
@@ -40,8 +40,8 @@ static void ecc_free_public_key(struct ecc_public_key *s)
if (!s)
return;
- crypto_bignum_free(s->x);
- crypto_bignum_free(s->y);
+ crypto_bignum_free(&s->x);
+ crypto_bignum_free(&s->y);
}
/*
@@ -484,8 +484,8 @@ TEE_Result crypto_asym_alloc_ecc_keypair(struct ecc_keypair *s,
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->d);
- crypto_bignum_free(s->x);
+ crypto_bignum_free(&s->d);
+ crypto_bignum_free(&s->x);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -581,7 +581,7 @@ TEE_Result crypto_asym_alloc_ecc_public_key(struct ecc_public_key *s,
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->x);
+ crypto_bignum_free(&s->x);
return TEE_ERROR_OUT_OF_MEMORY;
}
diff --git a/lib/libmbedtls/core/rsa.c b/lib/libmbedtls/core/rsa.c
index c3b5be509..a8aeb2c04 100644
--- a/lib/libmbedtls/core/rsa.c
+++ b/lib/libmbedtls/core/rsa.c
@@ -183,7 +183,7 @@ TEE_Result sw_crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s,
goto err;
return TEE_SUCCESS;
err:
- crypto_bignum_free(s->e);
+ crypto_bignum_free(&s->e);
return TEE_ERROR_OUT_OF_MEMORY;
}
@@ -194,8 +194,8 @@ void sw_crypto_acipher_free_rsa_public_key(struct rsa_public_key *s)
{
if (!s)
return;
- crypto_bignum_free(s->n);
- crypto_bignum_free(s->e);
+ crypto_bignum_free(&s->n);
+ crypto_bignum_free(&s->e);
}
void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s)
@@ -205,14 +205,14 @@ void sw_crypto_acipher_free_rsa_keypair(struct rsa_keypair *s)
{
if (!s)
return;
- crypto_bignum_free(s->e);
- crypto_bignum_free(s->d);
- crypto_bignum_free(s->n);
- crypto_bignum_free(s->p);
- crypto_bignum_free(s->q);
- crypto_bignum_free(s->qp);
- crypto_bignum_free(s->dp);
- crypto_bignum_free(s->dq);
+ crypto_bignum_free(&s->e);
+ crypto_bignum_free(&s->d);
+ crypto_bignum_free(&s->n);
+ crypto_bignum_free(&s->p);
+ crypto_bignum_free(&s->q);
+ crypto_bignum_free(&s->qp);
+ crypto_bignum_free(&s->dp);
+ crypto_bignum_free(&s->dq);
}
TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key,
--
2.34.1

33
meta-arm-bsp/recipes-security/optee/optee-os-tc.inc
View File

@@ -1,33 +0,0 @@
# TC0 specific configuration
# Total Compute (tc) specific configuration for optee-os and optee-os-tadevkit
FILESEXTRAPATHS:prepend := "${THISDIR}/files/optee-os/tc:"
SRC_URI:append:tc = " file://sp_layout.json \
file://0001-WIP-Enable-managed-exit.patch \
file://0002-plat-totalcompute-fix-TZDRAM-start-and-size.patch \
"
COMPATIBLE_MACHINE = "(tc?)"
OPTEEMACHINE:tc1 = "totalcompute-tc1"
# Enable optee memory layout and boot logs
EXTRA_OEMAKE += " CFG_TEE_CORE_LOG_LEVEL=3"
# default disable latency benchmarks (over all OP-TEE layers)
EXTRA_OEMAKE += " CFG_TEE_BENCHMARK=n"
# Enable stats
EXTRA_OEMAKE += " CFG_WITH_STATS=y"
EXTRA_OEMAKE += " CFG_CORE_SEL2_SPMC=y"
# Copy optee manifest file
do_install:append() {
install -d ${D}${nonarch_base_libdir}/firmware/
install -m 644 ${WORKDIR}/sp_layout.json ${D}${nonarch_base_libdir}/firmware/
install -m 644 \
${S}/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts \
${D}${nonarch_base_libdir}/firmware/
}

30
meta-arm-bsp/recipes-security/optee/optee-os/0003-optee-enable-clang-support.patch
View File

@@ -1,30 +0,0 @@
From 59d4c190eae11c93b26cca5a7b005a17dadc8248 Mon Sep 17 00:00:00 2001
From: Brett Warren <brett.warren@arm.com>
Date: Wed, 23 Sep 2020 09:27:34 +0100
Subject: [PATCH] optee: enable clang support
When compiling with clang, the LIBGCC_LOCATE_CFLAG variable used
to provide a sysroot wasn't included, which results in not locating
compiler-rt. This is mitigated by including the variable as ammended.
Upstream-Status: Pending
ChangeId: 8ba69a4b2eb8ebaa047cb266c9aa6c2c3da45701
Signed-off-by: Brett Warren <brett.warren@arm.com>
---
mk/clang.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mk/clang.mk b/mk/clang.mk
index a045beee8..1ebe2f702 100644
--- a/mk/clang.mk
+++ b/mk/clang.mk
@@ -30,7 +30,7 @@ comp-cflags-warns-clang := -Wno-language-extension-token \
# Note, use the compiler runtime library (libclang_rt.builtins.*.a) instead of
# libgcc for clang
-libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \
+libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \
-rtlib=compiler-rt -print-libgcc-file-name 2> /dev/null)
# Core ASLR relies on the executable being ready to run from its preferred load

18
meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bb
View File

@@ -1,18 +0,0 @@
require recipes-security/optee/optee-os.inc
DEPENDS += "dtc-native"
FILESEXTRAPATHS:prepend := "${THISDIR}/${P}:"
SRCREV = "8e74d47616a20eaa23ca692f4bbbf917a236ed94"
SRC_URI += " \
file://0001-allow-setting-sysroot-for-libgcc-lookup.patch \
file://0002-optee-enable-clang-support.patch \
file://0003-core-link-add-no-warn-rwx-segments.patch \
file://0004-core-Define-section-attributes-for-clang.patch \
file://0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch \
file://0006-core-ffa-add-TOS_FW_CONFIG-handling.patch \
file://0007-core-spmc-handle-non-secure-interrupts.patch \
file://0008-core-spmc-configure-SP-s-NS-interrupt-action-based-o.patch \
file://CVE-2023-41325.patch \
"

6
meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bbappend
View File

@@ -1,6 +0,0 @@
# Machine specific configurations
MACHINE_OPTEE_OS_REQUIRE ?= ""
MACHINE_OPTEE_OS_REQUIRE:tc = "optee-os-tc.inc"
require ${MACHINE_OPTEE_OS_REQUIRE}

8
meta-arm-bsp/recipes-security/optee/optee-test-tc.inc
View File

@@ -1,8 +0,0 @@
# TC specific configuration
FILESEXTRAPATHS:prepend := "${THISDIR}/files/optee-test/tc:"
SRC_URI:append:tc = " \
file://0001-xtest-Limit-tests-to-a-single-thread.patch \
"
COMPATIBLE_MACHINE = "(tc?)"

34
meta-arm-bsp/recipes-security/optee/optee-test/0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch
View File

@@ -1,34 +0,0 @@
From 53642dc98630b9c725977ab935c5bdd9c401e1aa Mon Sep 17 00:00:00 2001
From: Jon Mason <jon.mason@arm.com>
Date: Sat, 15 Jul 2023 15:08:43 -0400
Subject: [PATCH] xtest: regression_1000: remove unneeded stat.h include
Hack to work around musl compile error:
In file included from optee-test/3.17.0-r0/recipe-sysroot/usr/include/sys/stat.h:23,
from optee-test/3.17.0-r0/git/host/xtest/regression_1000.c:25:
optee-test/3.17.0-r0/recipe-sysroot/usr/include/bits/stat.h:17:26: error: expected identifier or '(' before '[' token
17 | unsigned __unused[2];
| ^
stat.h is not needed, since it is not being used in this file. So removing it.
Upstream-Status: Backport
Signed-off-by: Jon Mason <jon.mason@arm.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
---
host/xtest/regression_1000.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/host/xtest/regression_1000.c b/host/xtest/regression_1000.c
index de32c4184fd8..25b4721cdc45 100644
--- a/host/xtest/regression_1000.c
+++ b/host/xtest/regression_1000.c
@@ -22,7 +22,6 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#include <sys/stat.h>
#include <sys/types.h>
#include <ta_arm_bti.h>
#include <ta_concurrent.h>

160
meta-arm-bsp/recipes-security/optee/optee-test/0002-ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch
View File

@@ -1,160 +0,0 @@
From 717ff43f0d58e5f5a87893bd0cf3274a1e0164dc Mon Sep 17 00:00:00 2001
From: Gabor Toth <gabor.toth2@arm.com>
Date: Fri, 3 Mar 2023 12:25:58 +0100
Subject: [PATCH] ffa_spmc: Add arm_ffa_user driver compatibility check
Check the version of the arm_ffa_user Kernel Driver and fail with a
meaningful message if incompatible driver is detected.
Upstream-Status: Backport
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
---
host/xtest/ffa_spmc_1000.c | 68 ++++++++++++++++++++++++++++++++++----
1 file changed, 61 insertions(+), 7 deletions(-)
diff --git a/host/xtest/ffa_spmc_1000.c b/host/xtest/ffa_spmc_1000.c
index 15f4a468a775..1839d03f29be 100644
--- a/host/xtest/ffa_spmc_1000.c
+++ b/host/xtest/ffa_spmc_1000.c
@@ -1,11 +1,12 @@
// SPDX-License-Identifier: BSD-3-Clause
/*
- * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2023, Arm Limited and Contributors. All rights reserved.
*/
#include <fcntl.h>
#include <ffa.h>
#include <stdio.h>
#include <string.h>
+#include <errno.h>
#include <sys/ioctl.h>
#include <unistd.h>
#include "include/uapi/linux/arm_ffa_user.h"
@@ -17,6 +18,10 @@
#define INCORRECT_ENDPOINT_ID 0xffff
#define NORMAL_WORLD_ENDPOINT_ID 0
+#define FFA_USER_REQ_VER_MAJOR 5
+#define FFA_USER_REQ_VER_MINOR 0
+#define FFA_USER_REQ_VER_PATCH 1
+
/* Get the 32 least significant bits of a handle.*/
#define MEM_SHARE_HANDLE_LOW(x) ((x) & 0xffffffff)
/* Get the 32 most significant bits of a handle.*/
@@ -62,6 +67,50 @@ static struct ffa_ioctl_ep_desc test_endpoint3 = {
.uuid_ptr = (uint64_t)test_endpoint3_uuid,
};
+static bool check_ffa_user_version(void)
+{
+ FILE *f = NULL;
+ int ver_major = -1;
+ int ver_minor = -1;
+ int ver_patch = -1;
+ int scan_cnt = 0;
+
+ f = fopen("/sys/module/arm_ffa_user/version", "r");
+ if (f) {
+ scan_cnt = fscanf(f, "%d.%d.%d",
+ &ver_major, &ver_minor, &ver_patch);
+ fclose(f);
+ if (scan_cnt != 3) {
+ printf("error: failed to parse arm_ffa_user version\n");
+ return false;
+ }
+ } else {
+ printf("error: failed to read arm_ffa_user module info - %s\n",
+ strerror(errno));
+ return false;
+ }
+
+ if (ver_major != FFA_USER_REQ_VER_MAJOR)
+ goto err;
+
+ if (ver_minor < FFA_USER_REQ_VER_MINOR)
+ goto err;
+
+ if (ver_minor == FFA_USER_REQ_VER_MINOR)
+ if (ver_patch < FFA_USER_REQ_VER_PATCH)
+ goto err;
+
+ return true;
+
+err:
+ printf("error: Incompatible arm_ffa_user driver detected.");
+ printf("Found v%d.%d.%d wanted >= v%d.%d.%d)\n",
+ ver_major, ver_minor, ver_patch, FFA_USER_REQ_VER_MAJOR,
+ FFA_USER_REQ_VER_MINOR, FFA_USER_REQ_VER_PATCH);
+
+ return false;
+}
+
static void close_debugfs(void)
{
int err = 0;
@@ -76,6 +125,9 @@ static void close_debugfs(void)
static bool init_sp_xtest(ADBG_Case_t *c)
{
+ if (!check_ffa_user_version())
+ return false;
+
if (ffa_fd < 0) {
ffa_fd = open(FFA_DRIVER_FS_PATH, O_RDWR);
if (ffa_fd < 0) {
@@ -83,6 +135,7 @@ static bool init_sp_xtest(ADBG_Case_t *c)
return false;
}
}
+
return true;
}
@@ -99,7 +152,7 @@ static uint16_t get_endpoint_id(uint64_t endp)
struct ffa_ioctl_ep_desc sid = { .uuid_ptr = endp };
/* Get ID of destination SP based on UUID */
- if(ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid))
+ if (ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid))
return INCORRECT_ENDPOINT_ID;
return sid.id;
@@ -213,14 +266,15 @@ static int set_up_mem(struct ffa_ioctl_ep_desc *endp,
rc = share_mem(endpoint, handle);
ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
- if (!ADBG_EXPECT_TRUE(c, handle != NULL))
- return TEEC_ERROR_GENERIC;
+ if (!ADBG_EXPECT_NOT_NULL(c, handle))
+ return TEEC_ERROR_GENERIC;
/* SP will retrieve the memory region. */
memset(args, 0, sizeof(*args));
args->dst_id = endpoint;
args->args[MEM_SHARE_HANDLE_LOW_INDEX] = MEM_SHARE_HANDLE_LOW(*handle);
- args->args[MEM_SHARE_HANDLE_HIGH_INDEX] = MEM_SHARE_HANDLE_HIGH(*handle);
+ args->args[MEM_SHARE_HANDLE_HIGH_INDEX] =
+ MEM_SHARE_HANDLE_HIGH(*handle);
args->args[MEM_SHARE_HANDLE_ENDPOINT_INDEX] = NORMAL_WORLD_ENDPOINT_ID;
rc = start_sp_test(endpoint, EP_RETRIEVE, args);
@@ -254,7 +308,7 @@ static void xtest_ffa_spmc_test_1002(ADBG_Case_t *c)
rc = start_sp_test(endpoint1_id, EP_TEST_SP, &args);
ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK))
- goto out;
+ goto out;
/* Set up memory and have the SP retrieve it. */
Do_ADBG_BeginSubCase(c, "Test memory set-up");
@@ -469,7 +523,7 @@ static void xtest_ffa_spmc_test_1005(ADBG_Case_t *c)
memset(&args, 0, sizeof(args));
args.args[1] = endpoint2;
args.args[2] = endpoint3;
- rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI,&args);
+ rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI, &args);
ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK);

36
meta-arm-bsp/recipes-security/optee/optee-test/0003-Update-arm_ffa_user-driver-dependency.patch
View File

@@ -1,36 +0,0 @@
From 3de910a19f01a2a9e1c9a6bd6feee1aef547f676 Mon Sep 17 00:00:00 2001
From: Gabor Toth <gabor.toth2@arm.com>
Date: Fri, 3 Mar 2023 12:23:45 +0100
Subject: [PATCH] Update arm_ffa_user driver dependency
Updating arm-ffa-user to v5.0.1 to get the following changes:
- move to 64 bit direct messages
- add Linux Kernel v6.1 compatibility
The motivation is to update x-test to depend on the same driver
version as TS uefi-test and thus to enable running these in a single
configuration.
Note: arm_ffa_user.h was copied from:
- URL:https://git.gitlab.arm.com/linux-arm/linux-trusted-services.git
- SHA:18e3be71f65a405dfb5d97603ae71b3c11759861
Upstream-Status: Backport
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
---
host/xtest/include/uapi/linux/arm_ffa_user.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/host/xtest/include/uapi/linux/arm_ffa_user.h b/host/xtest/include/uapi/linux/arm_ffa_user.h
index 9ef0be3e1664..0acde4fb2020 100644
--- a/host/xtest/include/uapi/linux/arm_ffa_user.h
+++ b/host/xtest/include/uapi/linux/arm_ffa_user.h
@@ -33,7 +33,7 @@ struct ffa_ioctl_ep_desc {
* @dst_id: [in] 16-bit ID of destination endpoint.
*/
struct ffa_ioctl_msg_args {
- __u32 args[5];
+ __u64 args[5];
__u16 dst_id;
};
#define FFA_IOC_MSG_SEND _IOWR(FFA_IOC_MAGIC, FFA_IOC_BASE + 1, \

8
meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb
View File

@@ -1,8 +0,0 @@
require recipes-security/optee/optee-test.inc
SRC_URI += " \
file://0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch \
file://0002-ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch \
file://0003-Update-arm_ffa_user-driver-dependency.patch \
"
SRCREV = "5db8ab4c733d5b2f4afac3e9aef0a26634c4b444"

6
meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bbappend
View File

@@ -1,6 +0,0 @@
# Machine specific configurations
MACHINE_OPTEE_TEST_REQUIRE ?= ""
MACHINE_OPTEE_TEST_REQUIRE:tc = "optee-test-tc.inc"
require ${MACHINE_OPTEE_TEST_REQUIRE}

11
meta-arm/recipes-devtools/fvp/fvp-tc1.bb
View File

@@ -1,11 +0,0 @@
require fvp-ecosystem.inc
MODEL = "TC1"
MODEL_CODE = "FVP_TC1"
PV = "11.18.28_Linux64"
SRC_URI = "https://developer.arm.com/-/media/Arm%20Developer%20Community/Downloads/OSS/FVP/TotalCompute/Total%20Compute%20Update%202022/${MODEL_CODE}_${PV_URL}.tgz;subdir=${BP}"
SRC_URI[sha256sum] = "3a2b32ecf34dc9581482d6fc682a9378ba6ed151ea9b68914b4ebad39fb5cacf"
LIC_FILES_CHKSUM = "file://license_terms/license_agreement.txt;md5=a50d186fffa51ed55599183aad911298 \
file://license_terms/third_party_licenses/third_party_licenses.txt;md5=34a1ba318d745f05e6197def68ea5411"