subtree updates july 21 2023 pi,security,arm
meta-arm: d6fac49541..b4d50a273d:
Abdellatif El Khlifi (5):
arm-bsp/documentation: corstone1000: Update change log
arm-bsp/doc: corstone1000: Update the software architecture document
arm-bsp/documentation: corstone1000: update the release note
arm-bsp/documentation: corstone1000: update user guide
kas: set the SHAs for 2023.06 release
Jon Mason (7):
arm/optee-test: modify to use build openssl
arm/optee: update to 3.22.0
arm-bsp/machine: work around rootfs name issue
ci/clang: add llvm-native from clang README
arm/optee-os: update/clean-up patches and recipes
arm-bsp/juno: remove commented out KCONFIG
arm/linux-yocto: move 6.1 patches to a unique bbappend
Khem Raj (1):
gn: Disable warning as error but not disable completely
Mikko Rapeli (1):
optee-os optee-test: switch from SRC_URI:append to SRC_URI +=
Peter Hoyes (5):
runfvp: Add missing conffile include
arm/oeqa: Merge all OEFVP*Target classes
arm/OEFVPTarget: Add support for model state transitions
arm/oeqa: Convert linuxboot test case into fvp_boot
arm/oeqa: Introduce the fvp_devices test suite
Ross Burton (14):
CI: use Kas 3.3
CI: update to Kas format 14
CI: use branch, not refspec
CI: generate and use a Kas lock file
CI: add a tool to fetch a lockfile.yml for a specified build
arm/scp-firmware: set default SCP_PLATFORM to MACHINE
arm-bsp/scp-firmware: remove redundant SCP_PLATFORM
arm/scp-firware: update compiler variables
arm/scp-firmware: log what platform/firmware/type is being built
arm/scp-firmware: fix intermittent compile failures
CI: track master
arm-bsp/u-boot: add temporary 2023.01 recipe
toolchain: remove pointless provides
arm-bsp/linux-yocto: fix Upstream-Status
Rouven Czerwinski (3):
optee-os: add optional optee-os-ta package
optee-os: deploy ta elf files
optee-test: add TA elfs to deploydir
Tomás González (2):
arm-bsp/documentation: corstone1000: Update the user guide
arm-bsp/documentation: corstone1000: Update the release notes
Ziad Elhanafy (5):
arm-bsp/conf: Remove hardcoded .rootfs from image path
arm/classes: Remove IMAGE_NAME_SUFFIX from image path
arm: Set FVP EULA environment variable details message
kas: Add fvp-eula.yml and remove license related settings
arm-bsp/documentation: Replace FVP_BASE_R_ARM_EULA_ACCEPT with ARM_FVP_EULA_ACCEPT
meta-raspberrypi: dff85b9a9f..e3f733cadd:
Khem Raj (1):
linux-raspberrypi_6.1.bb: Update to 6.1.38
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Iebdd94d49998e9297e49ee2463761f2f3acb45c1
diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch
new file mode 100644
index 0000000..e82fdc7
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch
@@ -0,0 +1,127 @@
+From 1a991cbedf8647d5a1e7c312614f7867c3940968 Mon Sep 17 00:00:00 2001
+From: Jerome Forissier <jerome.forissier@linaro.org>
+Date: Tue, 23 Aug 2022 12:31:46 +0000
+Subject: [PATCH] arm32: libutils, libutee, ta: add .note.GNU-stack section to
+
+ .S files
+
+When building for arm32 with GNU binutils 2.39, the linker outputs
+warnings when linking Trusted Applications:
+
+ arm-unknown-linux-uclibcgnueabihf-ld.bfd: warning: utee_syscalls_a32.o: missing .note.GNU-stack section implies executable stack
+ arm-unknown-linux-uclibcgnueabihf-ld.bfd: NOTE: This behaviour is deprecated and will be removed in a future version of the linker
+
+We could silence the warning by adding the '-z execstack' option to the
+TA link flags, like we did in the parent commit for the TEE core and
+ldelf. Indeed, ldelf always allocates a non-executable piece of memory
+for the TA to use as a stack.
+
+However it seems preferable to comply with the common ELF practices in
+this case. A better fix is therefore to add the missing .note.GNU-stack
+sections in the assembler files.
+
+Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
+
+Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
+Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5499]
+---
+ lib/libutee/arch/arm/utee_syscalls_a32.S | 2 ++
+ lib/libutils/ext/arch/arm/atomic_a32.S | 2 ++
+ lib/libutils/ext/arch/arm/mcount_a32.S | 2 ++
+ lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S | 2 ++
+ lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S | 2 ++
+ lib/libutils/isoc/arch/arm/setjmp_a32.S | 2 ++
+ ta/arch/arm/ta_entry_a32.S | 2 ++
+ 7 files changed, 14 insertions(+)
+
+diff --git a/lib/libutee/arch/arm/utee_syscalls_a32.S b/lib/libutee/arch/arm/utee_syscalls_a32.S
+index 6e621ca6e06d..af405f62723c 100644
+--- a/lib/libutee/arch/arm/utee_syscalls_a32.S
++++ b/lib/libutee/arch/arm/utee_syscalls_a32.S
+@@ -7,6 +7,8 @@
+ #include <tee_syscall_numbers.h>
+ #include <asm.S>
+
++ .section .note.GNU-stack,"",%progbits
++
+ .section .text
+ .balign 4
+ .code 32
+diff --git a/lib/libutils/ext/arch/arm/atomic_a32.S b/lib/libutils/ext/arch/arm/atomic_a32.S
+index eaef6914734e..2be73ffadcc9 100644
+--- a/lib/libutils/ext/arch/arm/atomic_a32.S
++++ b/lib/libutils/ext/arch/arm/atomic_a32.S
+@@ -5,6 +5,8 @@
+
+ #include <asm.S>
+
++ .section .note.GNU-stack,"",%progbits
++
+ /* uint32_t atomic_inc32(uint32_t *v); */
+ FUNC atomic_inc32 , :
+ ldrex r1, [r0]
+diff --git a/lib/libutils/ext/arch/arm/mcount_a32.S b/lib/libutils/ext/arch/arm/mcount_a32.S
+index 51439a23014e..54dc3c02da66 100644
+--- a/lib/libutils/ext/arch/arm/mcount_a32.S
++++ b/lib/libutils/ext/arch/arm/mcount_a32.S
+@@ -7,6 +7,8 @@
+
+ #if defined(CFG_TA_GPROF_SUPPORT) || defined(CFG_FTRACE_SUPPORT)
+
++ .section .note.GNU-stack,"",%progbits
++
+ /*
+ * Convert return address to call site address by subtracting the size of the
+ * mcount call instruction (blx __gnu_mcount_nc).
+diff --git a/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S b/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S
+index a600c879668c..37ae9ec6f9f1 100644
+--- a/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S
++++ b/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S
+@@ -5,6 +5,8 @@
+
+ #include <asm.S>
+
++ .section .note.GNU-stack,"",%progbits
++
+ /*
+ * signed ret_idivmod_values(signed quot, signed rem);
+ * return quotient and remaining the EABI way (regs r0,r1)
+diff --git a/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S b/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S
+index 2dc50bc98bbf..5c3353e2c1ba 100644
+--- a/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S
++++ b/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S
+@@ -5,6 +5,8 @@
+
+ #include <asm.S>
+
++ .section .note.GNU-stack,"",%progbits
++
+ /*
+ * __value_in_regs lldiv_t __aeabi_ldivmod( long long n, long long d)
+ */
+diff --git a/lib/libutils/isoc/arch/arm/setjmp_a32.S b/lib/libutils/isoc/arch/arm/setjmp_a32.S
+index 43ea593758c9..f8a0b70df705 100644
+--- a/lib/libutils/isoc/arch/arm/setjmp_a32.S
++++ b/lib/libutils/isoc/arch/arm/setjmp_a32.S
+@@ -51,6 +51,8 @@
+ #define SIZE(x)
+ #endif
+
++ .section .note.GNU-stack,"",%progbits
++
+ /* Arm/Thumb interworking support:
+
+ The interworking scheme expects functions to use a BX instruction
+diff --git a/ta/arch/arm/ta_entry_a32.S b/ta/arch/arm/ta_entry_a32.S
+index d2f8a69daa7f..cd9a12f9dbf9 100644
+--- a/ta/arch/arm/ta_entry_a32.S
++++ b/ta/arch/arm/ta_entry_a32.S
+@@ -5,6 +5,8 @@
+
+ #include <asm.S>
+
++ .section .note.GNU-stack,"",%progbits
++
+ /*
+ * This function is the bottom of the user call stack. Mark it as such so that
+ * the unwinding code won't try to go further down.