From patchwork Wed Oct 25 22:44:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jon Mason X-Patchwork-Id: 32968 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3A7C8C25B48 for ; Thu, 26 Oct 2023 13:38:37 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.200409.1698327513743023605 for ; Thu, 26 Oct 2023 06:38:33 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: jon.mason@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 7C7A41424 for ; Thu, 26 Oct 2023 06:39:14 -0700 (PDT) Received: from debian.lan?044arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 4465D3F64C for ; Thu, 26 Oct 2023 06:38:31 -0700 (PDT) From: Jon Mason To: meta-arm@lists.yoctoproject.org Subject: [PATCH 1/2] arm-bsp/optee: remove 3.18 recipes and patches Date: Wed, 25 Oct 2023 17:44:47 -0500 Message-Id: <20231025224448.3921419-1-jon.mason@arm.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 26 Oct 2023 13:38:37 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5180 3.18 recipes and patches are no longer in use and can be removed Signed-off-by: Jon Mason --- .../optee/optee-client_3.18.0.bb | 3 - ...0005-core-ldelf-link-add-z-execstack.patch | 93 ------------- ...ibutee-ta-add-.note.GNU-stack-sectio.patch | 127 ------------------ .../optee/optee-os-tadevkit_3.18.0.bb | 24 ---- .../optee/optee-os-tadevkit_3.18.0.bbappend | 6 - .../recipes-security/optee/optee-os_3.18.0.bb | 15 --- .../optee/optee-os_3.18.0.bbappend | 6 - .../optee/optee-test_3.18.0.bb | 10 -- 8 files changed, 284 deletions(-) delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-client_3.18.0.bb delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0005-core-ldelf-link-add-z-execstack.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bb delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bb delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bbappend delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb diff --git a/meta-arm-bsp/recipes-security/optee/optee-client_3.18.0.bb b/meta-arm-bsp/recipes-security/optee/optee-client_3.18.0.bb deleted file mode 100644 index ea7b65ce..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-client_3.18.0.bb +++ /dev/null @@ -1,3 +0,0 @@ -require recipes-security/optee/optee-client.inc - -SRCREV = "e7cba71cc6e2ecd02f412c7e9ee104f0a5dffc6f" diff --git a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0005-core-ldelf-link-add-z-execstack.patch b/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0005-core-ldelf-link-add-z-execstack.patch deleted file mode 100644 index 862a76b4..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0005-core-ldelf-link-add-z-execstack.patch +++ /dev/null @@ -1,93 +0,0 @@ -From 63445958678b58c5adc7eca476b216e5dc0f4195 Mon Sep 17 00:00:00 2001 -From: Jerome Forissier -Date: Tue, 23 Aug 2022 11:41:00 +0000 -Subject: [PATCH] core, ldelf: link: add -z execstack - -When building for arm32 with GNU binutils 2.39, the linker outputs -warnings when generating some TEE core binaries (all_obj.o, init.o, -unpaged.o and tee.elf) as well as ldelf.elf: - - arm-poky-linux-gnueabi-ld.bfd: warning: atomic_a32.o: missing .note.GNU-stack section implies executable stack - arm-poky-linux-gnueabi-ld.bfd: NOTE: This behaviour is deprecated and will be removed in a future version of the linker - -The permissions used when mapping the TEE core stacks do not depend on -any metadata found in the ELF file. Similarly when the TEE core loads -ldelf it already creates a non-executable stack regardless of ELF -information. Therefore we can safely ignore the warnings. This is done -by adding the '-z execstack' option. - -Signed-off-by: Jerome Forissier - -Signed-off-by: Anton Antonov -Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5499] ---- - core/arch/arm/kernel/link.mk | 13 +++++++++---- - ldelf/link.mk | 3 +++ - 2 files changed, 12 insertions(+), 4 deletions(-) - -diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk -index c39d43cbfc5b..0e96e606cd9d 100644 ---- a/core/arch/arm/kernel/link.mk -+++ b/core/arch/arm/kernel/link.mk -@@ -9,6 +9,11 @@ link-script-dep = $(link-out-dir)/.kern.ld.d - - AWK = awk - -+link-ldflags-common += $(call ld-option,--no-warn-rwx-segments) -+ifeq ($(CFG_ARM32_core),y) -+link-ldflags-common += $(call ld-option,--no-warn-execstack) -+endif -+ - link-ldflags = $(LDFLAGS) - ifeq ($(CFG_CORE_ASLR),y) - link-ldflags += -pie -Bsymbolic -z norelro $(ldflag-apply-dynamic-relocs) -@@ -31,7 +36,7 @@ link-ldflags += -T $(link-script-pp) -Map=$(link-out-dir)/tee.map - link-ldflags += --sort-section=alignment - link-ldflags += --fatal-warnings - link-ldflags += --gc-sections --link-ldflags += $(call ld-option,--no-warn-rwx-segments) -+link-ldflags += $(link-ldflags-common) - - link-ldadd = $(LDADD) - link-ldadd += $(ldflags-external) -@@ -56,7 +61,7 @@ link-script-cppflags := \ - $(cppflagscore)) - - ldargs-all_objs := -T $(link-script-dummy) --no-check-sections \ -- $(call ld-option,--no-warn-rwx-segments) \ -+ $(link-ldflags-common) \ - $(link-objs) $(link-ldadd) $(libgcccore) - cleanfiles += $(link-out-dir)/all_objs.o - $(link-out-dir)/all_objs.o: $(objs) $(libdeps) $(MAKEFILE_LIST) -@@ -70,7 +75,7 @@ $(link-out-dir)/unpaged_entries.txt: $(link-out-dir)/all_objs.o - $(AWK) '/ ____keep_pager/ { printf "-u%s ", $$3 }' > $@ - - unpaged-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \ -- $(call ld-option,--no-warn-rwx-segments) -+ $(link-ldflags-common) - unpaged-ldadd := $(objs) $(link-ldadd) $(libgcccore) - cleanfiles += $(link-out-dir)/unpaged.o - $(link-out-dir)/unpaged.o: $(link-out-dir)/unpaged_entries.txt -@@ -99,7 +104,7 @@ $(link-out-dir)/init_entries.txt: $(link-out-dir)/all_objs.o - $(AWK) '/ ____keep_init/ { printf "-u%s ", $$3 }' > $@ - - init-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \ -- $(call ld-option,--no-warn-rwx-segments) -+ $(link-ldflags-common) - init-ldadd := $(link-objs-init) $(link-out-dir)/version.o $(link-ldadd) \ - $(libgcccore) - cleanfiles += $(link-out-dir)/init.o -diff --git a/ldelf/link.mk b/ldelf/link.mk -index 64c8212a06fa..bd49551e7065 100644 ---- a/ldelf/link.mk -+++ b/ldelf/link.mk -@@ -20,6 +20,9 @@ link-ldflags += -z max-page-size=4096 # OP-TEE always uses 4K alignment - ifeq ($(CFG_CORE_BTI),y) - link-ldflags += $(call ld-option,-z force-bti) --fatal-warnings - endif -+ifeq ($(CFG_ARM32_$(sm)), y) -+link-ldflags += $(call ld-option,--no-warn-execstack) -+endif - link-ldflags += $(link-ldflags$(sm)) - - link-ldadd = $(addprefix -L,$(libdirs)) diff --git a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch b/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch deleted file mode 100644 index e82fdc71..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch +++ /dev/null @@ -1,127 +0,0 @@ -From 1a991cbedf8647d5a1e7c312614f7867c3940968 Mon Sep 17 00:00:00 2001 -From: Jerome Forissier -Date: Tue, 23 Aug 2022 12:31:46 +0000 -Subject: [PATCH] arm32: libutils, libutee, ta: add .note.GNU-stack section to - - .S files - -When building for arm32 with GNU binutils 2.39, the linker outputs -warnings when linking Trusted Applications: - - arm-unknown-linux-uclibcgnueabihf-ld.bfd: warning: utee_syscalls_a32.o: missing .note.GNU-stack section implies executable stack - arm-unknown-linux-uclibcgnueabihf-ld.bfd: NOTE: This behaviour is deprecated and will be removed in a future version of the linker - -We could silence the warning by adding the '-z execstack' option to the -TA link flags, like we did in the parent commit for the TEE core and -ldelf. Indeed, ldelf always allocates a non-executable piece of memory -for the TA to use as a stack. - -However it seems preferable to comply with the common ELF practices in -this case. A better fix is therefore to add the missing .note.GNU-stack -sections in the assembler files. - -Signed-off-by: Jerome Forissier - -Signed-off-by: Anton Antonov -Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5499] ---- - lib/libutee/arch/arm/utee_syscalls_a32.S | 2 ++ - lib/libutils/ext/arch/arm/atomic_a32.S | 2 ++ - lib/libutils/ext/arch/arm/mcount_a32.S | 2 ++ - lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S | 2 ++ - lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S | 2 ++ - lib/libutils/isoc/arch/arm/setjmp_a32.S | 2 ++ - ta/arch/arm/ta_entry_a32.S | 2 ++ - 7 files changed, 14 insertions(+) - -diff --git a/lib/libutee/arch/arm/utee_syscalls_a32.S b/lib/libutee/arch/arm/utee_syscalls_a32.S -index 6e621ca6e06d..af405f62723c 100644 ---- a/lib/libutee/arch/arm/utee_syscalls_a32.S -+++ b/lib/libutee/arch/arm/utee_syscalls_a32.S -@@ -7,6 +7,8 @@ - #include - #include - -+ .section .note.GNU-stack,"",%progbits -+ - .section .text - .balign 4 - .code 32 -diff --git a/lib/libutils/ext/arch/arm/atomic_a32.S b/lib/libutils/ext/arch/arm/atomic_a32.S -index eaef6914734e..2be73ffadcc9 100644 ---- a/lib/libutils/ext/arch/arm/atomic_a32.S -+++ b/lib/libutils/ext/arch/arm/atomic_a32.S -@@ -5,6 +5,8 @@ - - #include - -+ .section .note.GNU-stack,"",%progbits -+ - /* uint32_t atomic_inc32(uint32_t *v); */ - FUNC atomic_inc32 , : - ldrex r1, [r0] -diff --git a/lib/libutils/ext/arch/arm/mcount_a32.S b/lib/libutils/ext/arch/arm/mcount_a32.S -index 51439a23014e..54dc3c02da66 100644 ---- a/lib/libutils/ext/arch/arm/mcount_a32.S -+++ b/lib/libutils/ext/arch/arm/mcount_a32.S -@@ -7,6 +7,8 @@ - - #if defined(CFG_TA_GPROF_SUPPORT) || defined(CFG_FTRACE_SUPPORT) - -+ .section .note.GNU-stack,"",%progbits -+ - /* - * Convert return address to call site address by subtracting the size of the - * mcount call instruction (blx __gnu_mcount_nc). -diff --git a/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S b/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S -index a600c879668c..37ae9ec6f9f1 100644 ---- a/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S -+++ b/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S -@@ -5,6 +5,8 @@ - - #include - -+ .section .note.GNU-stack,"",%progbits -+ - /* - * signed ret_idivmod_values(signed quot, signed rem); - * return quotient and remaining the EABI way (regs r0,r1) -diff --git a/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S b/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S -index 2dc50bc98bbf..5c3353e2c1ba 100644 ---- a/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S -+++ b/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S -@@ -5,6 +5,8 @@ - - #include - -+ .section .note.GNU-stack,"",%progbits -+ - /* - * __value_in_regs lldiv_t __aeabi_ldivmod( long long n, long long d) - */ -diff --git a/lib/libutils/isoc/arch/arm/setjmp_a32.S b/lib/libutils/isoc/arch/arm/setjmp_a32.S -index 43ea593758c9..f8a0b70df705 100644 ---- a/lib/libutils/isoc/arch/arm/setjmp_a32.S -+++ b/lib/libutils/isoc/arch/arm/setjmp_a32.S -@@ -51,6 +51,8 @@ - #define SIZE(x) - #endif - -+ .section .note.GNU-stack,"",%progbits -+ - /* Arm/Thumb interworking support: - - The interworking scheme expects functions to use a BX instruction -diff --git a/ta/arch/arm/ta_entry_a32.S b/ta/arch/arm/ta_entry_a32.S -index d2f8a69daa7f..cd9a12f9dbf9 100644 ---- a/ta/arch/arm/ta_entry_a32.S -+++ b/ta/arch/arm/ta_entry_a32.S -@@ -5,6 +5,8 @@ - - #include - -+ .section .note.GNU-stack,"",%progbits -+ - /* - * This function is the bottom of the user call stack. Mark it as such so that - * the unwinding code won't try to go further down. diff --git a/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bb b/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bb deleted file mode 100644 index ff0baf8c..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bb +++ /dev/null @@ -1,24 +0,0 @@ -require optee-os_3.18.0.bb - -SUMMARY = "OP-TEE Trusted OS TA devkit" -DESCRIPTION = "OP-TEE TA devkit for build TAs" -HOMEPAGE = "https://www.op-tee.org/" - -DEPENDS += "python3-pycryptodome-native" - -do_install() { - #install TA devkit - install -d ${D}${includedir}/optee/export-user_ta/ - for f in ${B}/export-ta_${OPTEE_ARCH}/* ; do - cp -aR $f ${D}${includedir}/optee/export-user_ta/ - done -} - -do_deploy() { - echo "Do not inherit do_deploy from optee-os." -} - -FILES:${PN} = "${includedir}/optee/" - -# Build paths are currently embedded -INSANE_SKIP:${PN}-dev += "buildpaths" diff --git a/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend b/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend deleted file mode 100644 index 0cb9b05e..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -# Machine specific configurations - -MACHINE_OPTEE_OS_TADEVKIT_REQUIRE ?= "" -MACHINE_OPTEE_OS_TADEVKIT_REQUIRE:tc = "optee-os-tc.inc" - -require ${MACHINE_OPTEE_OS_TADEVKIT_REQUIRE} diff --git a/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bb b/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bb deleted file mode 100644 index 6e1e6ad4..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bb +++ /dev/null @@ -1,15 +0,0 @@ -require recipes-security/optee/optee-os.inc - -DEPENDS += "dtc-native" - -FILESEXTRAPATHS:prepend := "${THISDIR}/${P}:" - -SRCREV = "1ee647035939e073a2e8dddb727c0f019cc035f1" -SRC_URI += " \ - file://0001-allow-setting-sysroot-for-libgcc-lookup.patch \ - file://0002-optee-enable-clang-support.patch \ - file://0003-core-link-add-no-warn-rwx-segments.patch \ - file://0004-core-Define-section-attributes-for-clang.patch \ - file://0005-core-ldelf-link-add-z-execstack.patch \ - file://0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch \ - " diff --git a/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bbappend b/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bbappend deleted file mode 100644 index e276fb86..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bbappend +++ /dev/null @@ -1,6 +0,0 @@ -# Machine specific configurations - -MACHINE_OPTEE_OS_REQUIRE ?= "" -MACHINE_OPTEE_OS_REQUIRE:tc = "optee-os-tc.inc" - -require ${MACHINE_OPTEE_OS_REQUIRE} diff --git a/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb b/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb deleted file mode 100644 index cf8ea01b..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb +++ /dev/null @@ -1,10 +0,0 @@ -require recipes-security/optee/optee-test.inc - -SRC_URI += " \ - file://0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch \ - " -SRCREV = "da5282a011b40621a2cf7a296c11a35c833ed91b" - -EXTRA_OEMAKE:append:libc-musl = " OPTEE_OPENSSL_EXPORT=${STAGING_INCDIR}" -DEPENDS:append:libc-musl = " openssl" -CFLAGS:append:libc-musl = " -Wno-error=deprecated-declarations" From patchwork Wed Oct 25 22:44:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jon Mason X-Patchwork-Id: 32967 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 39C11C25B67 for ; Thu, 26 Oct 2023 13:38:37 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.200408.1698327513027282906 for ; Thu, 26 Oct 2023 06:38:33 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: jon.mason@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 356652F4 for ; Thu, 26 Oct 2023 06:39:14 -0700 (PDT) Received: from debian.lan?044arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 8412C3F7C5 for ; Thu, 26 Oct 2023 06:38:32 -0700 (PDT) From: Jon Mason To: meta-arm@lists.yoctoproject.org Subject: [PATCH 2/2] arm-bsp/edk2: remove 202211 Date: Wed, 25 Oct 2023 17:44:48 -0500 Message-Id: <20231025224448.3921419-2-jon.mason@arm.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20231025224448.3921419-1-jon.mason@arm.com> References: <20231025224448.3921419-1-jon.mason@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 26 Oct 2023 13:38:37 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5179 202211 is no longer referenced and can be removed Signed-off-by: Jon Mason --- meta-arm-bsp/recipes-bsp/uefi/edk2-firmware_202211.bb | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 meta-arm-bsp/recipes-bsp/uefi/edk2-firmware_202211.bb diff --git a/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware_202211.bb b/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware_202211.bb deleted file mode 100644 index 378f5854..00000000 --- a/meta-arm-bsp/recipes-bsp/uefi/edk2-firmware_202211.bb +++ /dev/null @@ -1,4 +0,0 @@ -SRCREV_edk2 ?= "fff6d81270b57ee786ea18ad74f43149b9f03494" -SRCREV_edk2-platforms ?= "982212662c71b6c734b7578526071d6b78da3bcc" - -require recipes-bsp/uefi/edk2-firmware.inc