subtree updates july 21 2023 pi,security,arm
meta-arm: d6fac49541..b4d50a273d:
Abdellatif El Khlifi (5):
arm-bsp/documentation: corstone1000: Update change log
arm-bsp/doc: corstone1000: Update the software architecture document
arm-bsp/documentation: corstone1000: update the release note
arm-bsp/documentation: corstone1000: update user guide
kas: set the SHAs for 2023.06 release
Jon Mason (7):
arm/optee-test: modify to use build openssl
arm/optee: update to 3.22.0
arm-bsp/machine: work around rootfs name issue
ci/clang: add llvm-native from clang README
arm/optee-os: update/clean-up patches and recipes
arm-bsp/juno: remove commented out KCONFIG
arm/linux-yocto: move 6.1 patches to a unique bbappend
Khem Raj (1):
gn: Disable warning as error but not disable completely
Mikko Rapeli (1):
optee-os optee-test: switch from SRC_URI:append to SRC_URI +=
Peter Hoyes (5):
runfvp: Add missing conffile include
arm/oeqa: Merge all OEFVP*Target classes
arm/OEFVPTarget: Add support for model state transitions
arm/oeqa: Convert linuxboot test case into fvp_boot
arm/oeqa: Introduce the fvp_devices test suite
Ross Burton (14):
CI: use Kas 3.3
CI: update to Kas format 14
CI: use branch, not refspec
CI: generate and use a Kas lock file
CI: add a tool to fetch a lockfile.yml for a specified build
arm/scp-firmware: set default SCP_PLATFORM to MACHINE
arm-bsp/scp-firmware: remove redundant SCP_PLATFORM
arm/scp-firware: update compiler variables
arm/scp-firmware: log what platform/firmware/type is being built
arm/scp-firmware: fix intermittent compile failures
CI: track master
arm-bsp/u-boot: add temporary 2023.01 recipe
toolchain: remove pointless provides
arm-bsp/linux-yocto: fix Upstream-Status
Rouven Czerwinski (3):
optee-os: add optional optee-os-ta package
optee-os: deploy ta elf files
optee-test: add TA elfs to deploydir
Tomás González (2):
arm-bsp/documentation: corstone1000: Update the user guide
arm-bsp/documentation: corstone1000: Update the release notes
Ziad Elhanafy (5):
arm-bsp/conf: Remove hardcoded .rootfs from image path
arm/classes: Remove IMAGE_NAME_SUFFIX from image path
arm: Set FVP EULA environment variable details message
kas: Add fvp-eula.yml and remove license related settings
arm-bsp/documentation: Replace FVP_BASE_R_ARM_EULA_ACCEPT with ARM_FVP_EULA_ACCEPT
meta-raspberrypi: dff85b9a9f..e3f733cadd:
Khem Raj (1):
linux-raspberrypi_6.1.bb: Update to 6.1.38
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Iebdd94d49998e9297e49ee2463761f2f3acb45c1
diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/Update-arm_ffa_user-driver-dependency.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/Update-arm_ffa_user-driver-dependency.patch
new file mode 100644
index 0000000..e889f74
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/Update-arm_ffa_user-driver-dependency.patch
@@ -0,0 +1,39 @@
+From 7e15470f3dd45c844f0e0901f0c85c46a0882b8b Mon Sep 17 00:00:00 2001
+From: Gabor Toth <gabor.toth2@arm.com>
+Date: Fri, 3 Mar 2023 12:23:45 +0100
+Subject: [PATCH 1/2] Update arm_ffa_user driver dependency
+
+Updating arm-ffa-user to v5.0.1 to get the following changes:
+ - move to 64 bit direct messages
+ - add Linux Kernel v6.1 compatibility
+The motivation is to update x-test to depend on the same driver
+version as TS uefi-test and thus to enable running these in a single
+configuration.
+Note: arm_ffa_user.h was copied from:
+ - URL:https://git.gitlab.arm.com/linux-arm/linux-trusted-services.git
+ - SHA:18e3be71f65a405dfb5d97603ae71b3c11759861
+
+Upstream-Status: Backport
+
+Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
+Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
+---
+ host/xtest/include/uapi/linux/arm_ffa_user.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/host/xtest/include/uapi/linux/arm_ffa_user.h b/host/xtest/include/uapi/linux/arm_ffa_user.h
+index 9ef0be3..0acde4f 100644
+--- a/host/xtest/include/uapi/linux/arm_ffa_user.h
++++ b/host/xtest/include/uapi/linux/arm_ffa_user.h
+@@ -33,7 +33,7 @@ struct ffa_ioctl_ep_desc {
+ * @dst_id: [in] 16-bit ID of destination endpoint.
+ */
+ struct ffa_ioctl_msg_args {
+- __u32 args[5];
++ __u64 args[5];
+ __u16 dst_id;
+ };
+ #define FFA_IOC_MSG_SEND _IOWR(FFA_IOC_MAGIC, FFA_IOC_BASE + 1, \
+--
+2.39.1.windows.1
+
diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch
new file mode 100644
index 0000000..d333e86
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch
@@ -0,0 +1,163 @@
+From 6734d14cc249af37705129de7874533df9535cd3 Mon Sep 17 00:00:00 2001
+From: Gabor Toth <gabor.toth2@arm.com>
+Date: Fri, 3 Mar 2023 12:25:58 +0100
+Subject: [PATCH 2/2] ffa_spmc: Add arm_ffa_user driver compatibility check
+
+Check the version of the arm_ffa_user Kernel Driver and fail with a
+meaningful message if incompatible driver is detected.
+
+Upstream-Status: Backport
+
+Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
+Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
+---
+ host/xtest/ffa_spmc_1000.c | 68 ++++++++++++++++++++++++++++++++++----
+ 1 file changed, 61 insertions(+), 7 deletions(-)
+
+diff --git a/host/xtest/ffa_spmc_1000.c b/host/xtest/ffa_spmc_1000.c
+index 15f4a46..1839d03 100644
+--- a/host/xtest/ffa_spmc_1000.c
++++ b/host/xtest/ffa_spmc_1000.c
+@@ -1,11 +1,12 @@
+ // SPDX-License-Identifier: BSD-3-Clause
+ /*
+- * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
++ * Copyright (c) 2022-2023, Arm Limited and Contributors. All rights reserved.
+ */
+ #include <fcntl.h>
+ #include <ffa.h>
+ #include <stdio.h>
+ #include <string.h>
++#include <errno.h>
+ #include <sys/ioctl.h>
+ #include <unistd.h>
+ #include "include/uapi/linux/arm_ffa_user.h"
+@@ -17,6 +18,10 @@
+ #define INCORRECT_ENDPOINT_ID 0xffff
+ #define NORMAL_WORLD_ENDPOINT_ID 0
+
++#define FFA_USER_REQ_VER_MAJOR 5
++#define FFA_USER_REQ_VER_MINOR 0
++#define FFA_USER_REQ_VER_PATCH 1
++
+ /* Get the 32 least significant bits of a handle.*/
+ #define MEM_SHARE_HANDLE_LOW(x) ((x) & 0xffffffff)
+ /* Get the 32 most significant bits of a handle.*/
+@@ -62,6 +67,50 @@ static struct ffa_ioctl_ep_desc test_endpoint3 = {
+ .uuid_ptr = (uint64_t)test_endpoint3_uuid,
+ };
+
++static bool check_ffa_user_version(void)
++{
++ FILE *f = NULL;
++ int ver_major = -1;
++ int ver_minor = -1;
++ int ver_patch = -1;
++ int scan_cnt = 0;
++
++ f = fopen("/sys/module/arm_ffa_user/version", "r");
++ if (f) {
++ scan_cnt = fscanf(f, "%d.%d.%d",
++ &ver_major, &ver_minor, &ver_patch);
++ fclose(f);
++ if (scan_cnt != 3) {
++ printf("error: failed to parse arm_ffa_user version\n");
++ return false;
++ }
++ } else {
++ printf("error: failed to read arm_ffa_user module info - %s\n",
++ strerror(errno));
++ return false;
++ }
++
++ if (ver_major != FFA_USER_REQ_VER_MAJOR)
++ goto err;
++
++ if (ver_minor < FFA_USER_REQ_VER_MINOR)
++ goto err;
++
++ if (ver_minor == FFA_USER_REQ_VER_MINOR)
++ if (ver_patch < FFA_USER_REQ_VER_PATCH)
++ goto err;
++
++ return true;
++
++err:
++ printf("error: Incompatible arm_ffa_user driver detected.");
++ printf("Found v%d.%d.%d wanted >= v%d.%d.%d)\n",
++ ver_major, ver_minor, ver_patch, FFA_USER_REQ_VER_MAJOR,
++ FFA_USER_REQ_VER_MINOR, FFA_USER_REQ_VER_PATCH);
++
++ return false;
++}
++
+ static void close_debugfs(void)
+ {
+ int err = 0;
+@@ -76,6 +125,9 @@ static void close_debugfs(void)
+
+ static bool init_sp_xtest(ADBG_Case_t *c)
+ {
++ if (!check_ffa_user_version())
++ return false;
++
+ if (ffa_fd < 0) {
+ ffa_fd = open(FFA_DRIVER_FS_PATH, O_RDWR);
+ if (ffa_fd < 0) {
+@@ -83,6 +135,7 @@ static bool init_sp_xtest(ADBG_Case_t *c)
+ return false;
+ }
+ }
++
+ return true;
+ }
+
+@@ -99,7 +152,7 @@ static uint16_t get_endpoint_id(uint64_t endp)
+ struct ffa_ioctl_ep_desc sid = { .uuid_ptr = endp };
+
+ /* Get ID of destination SP based on UUID */
+- if(ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid))
++ if (ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid))
+ return INCORRECT_ENDPOINT_ID;
+
+ return sid.id;
+@@ -213,14 +266,15 @@ static int set_up_mem(struct ffa_ioctl_ep_desc *endp,
+ rc = share_mem(endpoint, handle);
+ ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
+
+- if (!ADBG_EXPECT_TRUE(c, handle != NULL))
+- return TEEC_ERROR_GENERIC;
++ if (!ADBG_EXPECT_NOT_NULL(c, handle))
++ return TEEC_ERROR_GENERIC;
+
+ /* SP will retrieve the memory region. */
+ memset(args, 0, sizeof(*args));
+ args->dst_id = endpoint;
+ args->args[MEM_SHARE_HANDLE_LOW_INDEX] = MEM_SHARE_HANDLE_LOW(*handle);
+- args->args[MEM_SHARE_HANDLE_HIGH_INDEX] = MEM_SHARE_HANDLE_HIGH(*handle);
++ args->args[MEM_SHARE_HANDLE_HIGH_INDEX] =
++ MEM_SHARE_HANDLE_HIGH(*handle);
+ args->args[MEM_SHARE_HANDLE_ENDPOINT_INDEX] = NORMAL_WORLD_ENDPOINT_ID;
+
+ rc = start_sp_test(endpoint, EP_RETRIEVE, args);
+@@ -254,7 +308,7 @@ static void xtest_ffa_spmc_test_1002(ADBG_Case_t *c)
+ rc = start_sp_test(endpoint1_id, EP_TEST_SP, &args);
+ ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
+ if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK))
+- goto out;
++ goto out;
+
+ /* Set up memory and have the SP retrieve it. */
+ Do_ADBG_BeginSubCase(c, "Test memory set-up");
+@@ -469,7 +523,7 @@ static void xtest_ffa_spmc_test_1005(ADBG_Case_t *c)
+ memset(&args, 0, sizeof(args));
+ args.args[1] = endpoint2;
+ args.args[2] = endpoint3;
+- rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI,&args);
++ rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI, &args);
+ ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
+ ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK);
+
+--
+2.39.1.windows.1
+
diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/musl-workaround.patch b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/musl-workaround.patch
new file mode 100644
index 0000000..eed1bd4
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/musl-workaround.patch
@@ -0,0 +1,24 @@
+Hack to work around musl compile error:
+ In file included from optee-test/3.17.0-r0/recipe-sysroot/usr/include/sys/stat.h:23,
+ from optee-test/3.17.0-r0/git/host/xtest/regression_1000.c:25:
+ optee-test/3.17.0-r0/recipe-sysroot/usr/include/bits/stat.h:17:26: error: expected identifier or '(' before '[' token
+ 17 | unsigned __unused[2];
+ | ^
+
+stat.h is not needed, since it is not being used in this file. So removing it.
+
+Upstream-Status: Pending [Not submitted to upstream yet]
+Signed-off-by: Jon Mason <jon.mason@arm.com>
+
+diff --git a/host/xtest/regression_1000.c b/host/xtest/regression_1000.c
+index 4264884..7f1baca 100644
+--- a/host/xtest/regression_1000.c
++++ b/host/xtest/regression_1000.c
+@@ -22,7 +22,6 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+-#include <sys/stat.h>
+ #include <sys/types.h>
+ #include <ta_arm_bti.h>
+ #include <ta_concurrent.h>
diff --git a/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/run-ptest b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/run-ptest
new file mode 100755
index 0000000..ba88c14
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-security/optee/optee-test/run-ptest
@@ -0,0 +1,52 @@
+#!/bin/sh
+xtest | awk '
+
+ # Escapes the special characters in a string so that, when
+ # included in a regex, it represents a literal match
+ function regx_escape_literal(str, ret) {
+ ret = str
+ gsub(/[\[\]\^\$\.\*\?\+\{\}\\\(\)\|]/ , "\\\\&", str)
+ return str
+ }
+
+ # Returns the simple test formatted name
+ function name(n, ret) {
+ ret = n
+ gsub(/\./, " ", ret)
+ return ret
+ }
+
+ # Returns the simple test formatted result
+ function result(res) {
+ if(res ~ /OK/) {
+ return "PASS"
+ } else if(res ~ /FAILED/) {
+ return "FAIL"
+ }
+ }
+
+ function parse(name, description, has_subtests, result_line) {
+ has_subtests = 0
+
+ # Consume every line up to the result line
+ result_line = " " regx_escape_literal(name) " (OK|FAILED)"
+ do {
+ getline
+
+ # If this is a subtest (denoted by an "o" bullet) then subparse
+ if($0 ~ /^o /) {
+ parse($2, description " : " substr($0, index($0, $3)))
+ has_subtests = 1
+ }
+ } while ($0 !~ result_line)
+
+ # Only print the results for the deepest nested subtests
+ if(!has_subtests) {
+ print result($2) ": " name(name) " - " description
+ }
+ }
+
+ # Start parsing at the beginning of every test (denoted by a "*" bullet)
+ /^\* / { parse($2, substr($0, index($0, $3))) }
+
+'