From patchwork Mon Jan 8 21:18:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jon Mason X-Patchwork-Id: 37562 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9D4FFC47077 for ; Tue, 9 Jan 2024 16:32:11 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.21129.1704817931098198424 for ; Tue, 09 Jan 2024 08:32:11 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: jon.mason@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id AB6A6DA7 for ; Tue, 9 Jan 2024 08:32:55 -0800 (PST) Received: from debian.lan?044arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id E6D133F5A1 for ; Tue, 9 Jan 2024 08:32:09 -0800 (PST) From: Jon Mason To: meta-arm@lists.yoctoproject.org Subject: [PATCH 1/3] arm-bsp/optee-os: remove unused 3.18 files Date: Mon, 8 Jan 2024 15:18:44 -0600 Message-Id: <20240108211846.29349-1-jon.mason@arm.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 09 Jan 2024 16:32:11 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5323 Signed-off-by: Jon Mason --- ...ow-setting-sysroot-for-libgcc-lookup.patch | 34 --- .../0002-optee-enable-clang-support.patch | 29 --- ...3-core-link-add-no-warn-rwx-segments.patch | 64 ----- ...-Define-section-attributes-for-clang.patch | 240 ------------------ .../optee/optee-os-ts-3.18.inc | 54 ---- 5 files changed, 421 deletions(-) delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0002-optee-enable-clang-support.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0003-core-link-add-no-warn-rwx-segments.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0004-core-Define-section-attributes-for-clang.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-ts-3.18.inc diff --git a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch b/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch deleted file mode 100644 index 2aec7fc3..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch +++ /dev/null @@ -1,34 +0,0 @@ -From fed478758e495f35d18a9e2a89193e6577b06799 Mon Sep 17 00:00:00 2001 -From: Ross Burton -Date: Tue, 26 May 2020 14:38:02 -0500 -Subject: [PATCH] allow setting sysroot for libgcc lookup - -Explicitly pass the new variable LIBGCC_LOCATE_CFLAGS variable when searching -for the compiler libraries as there's no easy way to reliably pass --sysroot -otherwise. - -Upstream-Status: Pending [https://github.com/OP-TEE/optee_os/issues/4188] -Signed-off-by: Ross Burton ---- - mk/gcc.mk | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/mk/gcc.mk b/mk/gcc.mk -index adc77a24f25e..81bfa78ad8d7 100644 ---- a/mk/gcc.mk -+++ b/mk/gcc.mk -@@ -13,11 +13,11 @@ nostdinc$(sm) := -nostdinc -isystem $(shell $(CC$(sm)) \ - -print-file-name=include 2> /dev/null) - - # Get location of libgcc from gcc --libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \ -+libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \ - -print-libgcc-file-name 2> /dev/null) --libstdc++$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ -+libstdc++$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ - -print-file-name=libstdc++.a 2> /dev/null) --libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ -+libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ - -print-file-name=libgcc_eh.a 2> /dev/null) - - # Define these to something to discover accidental use diff --git a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0002-optee-enable-clang-support.patch b/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0002-optee-enable-clang-support.patch deleted file mode 100644 index 7441e744..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0002-optee-enable-clang-support.patch +++ /dev/null @@ -1,29 +0,0 @@ -From f158e3af6633bd689a76d53be2c9c590c0385350 Mon Sep 17 00:00:00 2001 -From: Brett Warren -Date: Wed, 23 Sep 2020 09:27:34 +0100 -Subject: [PATCH] optee: enable clang support - -When compiling with clang, the LIBGCC_LOCATE_CFLAG variable used -to provide a sysroot wasn't included, which results in not locating -compiler-rt. This is mitigated by including the variable as ammended. - -Upstream-Status: Pending -ChangeId: 8ba69a4b2eb8ebaa047cb266c9aa6c2c3da45701 -Signed-off-by: Brett Warren ---- - mk/clang.mk | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/mk/clang.mk b/mk/clang.mk -index c141a3f2ed0b..7d067cc007fa 100644 ---- a/mk/clang.mk -+++ b/mk/clang.mk -@@ -27,7 +27,7 @@ comp-cflags-warns-clang := -Wno-language-extension-token \ - - # Note, use the compiler runtime library (libclang_rt.builtins.*.a) instead of - # libgcc for clang --libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \ -+libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \ - -rtlib=compiler-rt -print-libgcc-file-name 2> /dev/null) - - # Core ASLR relies on the executable being ready to run from its preferred load diff --git a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0003-core-link-add-no-warn-rwx-segments.patch b/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0003-core-link-add-no-warn-rwx-segments.patch deleted file mode 100644 index 62aee356..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0003-core-link-add-no-warn-rwx-segments.patch +++ /dev/null @@ -1,64 +0,0 @@ -From fb69397234b1efe3528714b6c0c1921ce37ad6a6 Mon Sep 17 00:00:00 2001 -From: Jerome Forissier -Date: Fri, 5 Aug 2022 09:48:03 +0200 -Subject: [PATCH] core: link: add --no-warn-rwx-segments - -Signed-off-by: Anton Antonov -Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5474] - -binutils ld.bfd generates one RWX LOAD segment by merging several sections -with mixed R/W/X attributes (.text, .rodata, .data). After version 2.38 it -also warns by default when that happens [1], which breaks the build due to ---fatal-warnings. The RWX segment is not a problem for the TEE core, since -that information is not used to set memory permissions. Therefore, silence -the warning. - -Link: [1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107 -Link: https://sourceware.org/bugzilla/show_bug.cgi?id=29448 -Reported-by: Dominique Martinet -Signed-off-by: Jerome Forissier -Acked-by: Jens Wiklander ---- - core/arch/arm/kernel/link.mk | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk -index 7eed333a32de..c39d43cbfc5b 100644 ---- a/core/arch/arm/kernel/link.mk -+++ b/core/arch/arm/kernel/link.mk -@@ -31,6 +31,7 @@ link-ldflags += -T $(link-script-pp) -Map=$(link-out-dir)/tee.map - link-ldflags += --sort-section=alignment - link-ldflags += --fatal-warnings - link-ldflags += --gc-sections -+link-ldflags += $(call ld-option,--no-warn-rwx-segments) - - link-ldadd = $(LDADD) - link-ldadd += $(ldflags-external) -@@ -55,6 +56,7 @@ link-script-cppflags := \ - $(cppflagscore)) - - ldargs-all_objs := -T $(link-script-dummy) --no-check-sections \ -+ $(call ld-option,--no-warn-rwx-segments) \ - $(link-objs) $(link-ldadd) $(libgcccore) - cleanfiles += $(link-out-dir)/all_objs.o - $(link-out-dir)/all_objs.o: $(objs) $(libdeps) $(MAKEFILE_LIST) -@@ -67,7 +69,8 @@ $(link-out-dir)/unpaged_entries.txt: $(link-out-dir)/all_objs.o - $(q)$(NMcore) $< | \ - $(AWK) '/ ____keep_pager/ { printf "-u%s ", $$3 }' > $@ - --unpaged-ldargs = -T $(link-script-dummy) --no-check-sections --gc-sections -+unpaged-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \ -+ $(call ld-option,--no-warn-rwx-segments) - unpaged-ldadd := $(objs) $(link-ldadd) $(libgcccore) - cleanfiles += $(link-out-dir)/unpaged.o - $(link-out-dir)/unpaged.o: $(link-out-dir)/unpaged_entries.txt -@@ -95,7 +98,8 @@ $(link-out-dir)/init_entries.txt: $(link-out-dir)/all_objs.o - $(q)$(NMcore) $< | \ - $(AWK) '/ ____keep_init/ { printf "-u%s ", $$3 }' > $@ - --init-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections -+init-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \ -+ $(call ld-option,--no-warn-rwx-segments) - init-ldadd := $(link-objs-init) $(link-out-dir)/version.o $(link-ldadd) \ - $(libgcccore) - cleanfiles += $(link-out-dir)/init.o diff --git a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0004-core-Define-section-attributes-for-clang.patch b/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0004-core-Define-section-attributes-for-clang.patch deleted file mode 100644 index e3c509f6..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0004-core-Define-section-attributes-for-clang.patch +++ /dev/null @@ -1,240 +0,0 @@ -From 0690909f07779a8f35b1f3d0baf8d4c5c9305d14 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Sat, 13 Aug 2022 19:24:55 -0700 -Subject: [PATCH] core: Define section attributes for clang - -Clang's attribute section is not same as gcc, here we need to add flags -to sections so they can be eventually collected by linker into final -output segments. Only way to do so with clang is to use - -pragma clang section ... - -The behavious is described here [1], this allows us to define names bss -sections. This was not an issue until clang-15 where LLD linker starts -to detect the section flags before merging them and throws the following -errors - -| ld.lld: error: section type mismatch for .nozi.kdata_page -| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/kernel/thread.o:(.nozi.kdata_page): SHT_PROGBITS -| >>> output section .nozi: SHT_NOBITS -| -| ld.lld: error: section type mismatch for .nozi.mmu.l2 -| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/mm/core_mmu_lpae.o:(.nozi.mmu.l2): SHT_PROGBITS -| >>> output section .nozi: SHT_NOBITS - -These sections should be carrying SHT_NOBITS but so far it was not -possible to do so, this patch tries to use clangs pragma to get this -going and match the functionality with gcc. - -[1] https://intel.github.io/llvm-docs/clang/LanguageExtensions.html#specifying-section-names-for-global-objects-pragma-clang-section - -Upstream-Status: Pending -Signed-off-by: Khem Raj ---- - core/arch/arm/kernel/thread.c | 19 +++++++++++++++-- - core/arch/arm/mm/core_mmu_lpae.c | 35 +++++++++++++++++++++++++++---- - core/arch/arm/mm/core_mmu_v7.c | 36 +++++++++++++++++++++++++++++--- - core/arch/arm/mm/pgt_cache.c | 12 ++++++++++- - core/kernel/thread.c | 13 +++++++++++- - 5 files changed, 104 insertions(+), 11 deletions(-) - -diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c -index f083b159e969..432983c86c9f 100644 ---- a/core/arch/arm/kernel/thread.c -+++ b/core/arch/arm/kernel/thread.c -@@ -44,15 +44,30 @@ static size_t thread_user_kcode_size __nex_bss; - #if defined(CFG_CORE_UNMAP_CORE_AT_EL0) && \ - defined(CFG_CORE_WORKAROUND_SPECTRE_BP_SEC) && defined(ARM64) - long thread_user_kdata_sp_offset __nex_bss; -+#ifdef __clang__ -+#ifndef CFG_VIRTUALIZATION -+#pragma clang section bss=".nozi.kdata_page" -+#else -+#pragma clang section bss=".nex_nozi.kdata_page" -+#endif -+#endif - static uint8_t thread_user_kdata_page[ - ROUNDUP(sizeof(struct thread_core_local) * CFG_TEE_CORE_NB_CORE, - SMALL_PAGE_SIZE)] - __aligned(SMALL_PAGE_SIZE) -+#ifndef __clang__ - #ifndef CFG_VIRTUALIZATION -- __section(".nozi.kdata_page"); -+ __section(".nozi.kdata_page") - #else -- __section(".nex_nozi.kdata_page"); -+ __section(".nex_nozi.kdata_page") - #endif -+#endif -+ ; -+#endif -+ -+/* reset BSS section to default ( .bss ) */ -+#ifdef __clang__ -+#pragma clang section bss="" - #endif - - #ifdef ARM32 -diff --git a/core/arch/arm/mm/core_mmu_lpae.c b/core/arch/arm/mm/core_mmu_lpae.c -index 3f08eec623f3..e6dc9261c41e 100644 ---- a/core/arch/arm/mm/core_mmu_lpae.c -+++ b/core/arch/arm/mm/core_mmu_lpae.c -@@ -233,19 +233,46 @@ typedef uint16_t l1_idx_t; - typedef uint64_t base_xlat_tbls_t[CFG_TEE_CORE_NB_CORE][NUM_BASE_LEVEL_ENTRIES]; - typedef uint64_t xlat_tbl_t[XLAT_TABLE_ENTRIES]; - -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.base_table" -+#endif - static base_xlat_tbls_t base_xlation_table[NUM_BASE_TABLES] - __aligned(NUM_BASE_LEVEL_ENTRIES * XLAT_ENTRY_SIZE) -- __section(".nozi.mmu.base_table"); -+#ifndef __clang__ -+ __section(".nozi.mmu.base_table") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.l2" -+#endif - static xlat_tbl_t xlat_tables[MAX_XLAT_TABLES] -- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2"); -+ __aligned(XLAT_TABLE_SIZE) -+#ifndef __clang__ -+ __section(".nozi.mmu.l2") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - - #define XLAT_TABLES_SIZE (sizeof(xlat_tbl_t) * MAX_XLAT_TABLES) - -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.l2" -+#endif - /* MMU L2 table for TAs, one for each thread */ - static xlat_tbl_t xlat_tables_ul1[CFG_NUM_THREADS] -- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2"); -- -+#ifndef __clang__ -+ __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - /* - * TAs page table entry inside a level 1 page table. - * -diff --git a/core/arch/arm/mm/core_mmu_v7.c b/core/arch/arm/mm/core_mmu_v7.c -index cd85bd22d385..3e18f54f6cf8 100644 ---- a/core/arch/arm/mm/core_mmu_v7.c -+++ b/core/arch/arm/mm/core_mmu_v7.c -@@ -204,16 +204,46 @@ typedef uint32_t l1_xlat_tbl_t[NUM_L1_ENTRIES]; - typedef uint32_t l2_xlat_tbl_t[NUM_L2_ENTRIES]; - typedef uint32_t ul1_xlat_tbl_t[NUM_UL1_ENTRIES]; - -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.l1" -+#endif - static l1_xlat_tbl_t main_mmu_l1_ttb -- __aligned(L1_ALIGNMENT) __section(".nozi.mmu.l1"); -+ __aligned(L1_ALIGNMENT) -+#ifndef __clang__ -+ __section(".nozi.mmu.l1") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - - /* L2 MMU tables */ -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.l2" -+#endif - static l2_xlat_tbl_t main_mmu_l2_ttb[MAX_XLAT_TABLES] -- __aligned(L2_ALIGNMENT) __section(".nozi.mmu.l2"); -+ __aligned(L2_ALIGNMENT) -+#ifndef __clang__ -+ __section(".nozi.mmu.l2") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - - /* MMU L1 table for TAs, one for each thread */ -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.ul1" -+#endif - static ul1_xlat_tbl_t main_mmu_ul1_ttb[CFG_NUM_THREADS] -- __aligned(UL1_ALIGNMENT) __section(".nozi.mmu.ul1"); -+ __aligned(UL1_ALIGNMENT) -+#ifndef __clang__ -+ __section(".nozi.mmu.ul1") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - - struct mmu_partition { - l1_xlat_tbl_t *l1_table; -diff --git a/core/arch/arm/mm/pgt_cache.c b/core/arch/arm/mm/pgt_cache.c -index dee1d207943f..382cae1c3f30 100644 ---- a/core/arch/arm/mm/pgt_cache.c -+++ b/core/arch/arm/mm/pgt_cache.c -@@ -104,8 +104,18 @@ void pgt_init(void) - * has a large alignment, while .bss has a small alignment. The current - * link script is optimized for small alignment in .bss - */ -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.l2" -+#endif - static uint8_t pgt_tables[PGT_CACHE_SIZE][PGT_SIZE] -- __aligned(PGT_SIZE) __section(".nozi.pgt_cache"); -+ __aligned(PGT_SIZE) -+#ifndef __clang__ -+ __section(".nozi.pgt_cache") -+#endif -+ ; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - size_t n; - - for (n = 0; n < ARRAY_SIZE(pgt_tables); n++) { -diff --git a/core/kernel/thread.c b/core/kernel/thread.c -index 18d34e6adfe2..086129e282bc 100644 ---- a/core/kernel/thread.c -+++ b/core/kernel/thread.c -@@ -37,13 +37,24 @@ struct thread_core_local thread_core_local[CFG_TEE_CORE_NB_CORE] __nex_bss; - name[stack_num][sizeof(name[stack_num]) / sizeof(uint32_t) - 1] - #endif - -+#define DO_PRAGMA(x) _Pragma (#x) -+ -+#ifdef __clang__ -+#define DECLARE_STACK(name, num_stacks, stack_size, linkage) \ -+DO_PRAGMA (clang section bss=".nozi_stack." #name) \ -+linkage uint32_t name[num_stacks] \ -+ [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \ -+ STACK_ALIGNMENT) / sizeof(uint32_t)] \ -+ __attribute__((aligned(STACK_ALIGNMENT))); \ -+DO_PRAGMA(clang section bss="") -+#else - #define DECLARE_STACK(name, num_stacks, stack_size, linkage) \ - linkage uint32_t name[num_stacks] \ - [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \ - STACK_ALIGNMENT) / sizeof(uint32_t)] \ - __attribute__((section(".nozi_stack." # name), \ - aligned(STACK_ALIGNMENT))) -- -+#endif - #define GET_STACK(stack) ((vaddr_t)(stack) + STACK_SIZE(stack)) - - DECLARE_STACK(stack_tmp, CFG_TEE_CORE_NB_CORE, diff --git a/meta-arm-bsp/recipes-security/optee/optee-os-ts-3.18.inc b/meta-arm-bsp/recipes-security/optee/optee-os-ts-3.18.inc deleted file mode 100644 index 4dffc46d..00000000 --- a/meta-arm-bsp/recipes-security/optee/optee-os-ts-3.18.inc +++ /dev/null @@ -1,54 +0,0 @@ -# Include Trusted Services SPs accordingly to defined machine features - -# Please notice that OPTEE will load SPs in the order listed in this file. -# If an SP requires another SP to be already loaded it must be listed lower. - -# TS SPs UUIDs definitions -require recipes-security/trusted-services/ts-uuid.inc - -TS_ENV = "opteesp" -TS_BIN = "${RECIPE_SYSROOT}/usr/${TS_ENV}/bin" - -# ITS SP -DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-its', \ - ' ts-sp-its', '' , d)}" -SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-its', \ - ' ${TS_BIN}/${ITS_UUID}.stripped.elf', '', d)}" - -# Storage SP -DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-storage', \ - ' ts-sp-storage', '' , d)}" -SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-storage', \ - ' ${TS_BIN}/${STORAGE_UUID}.stripped.elf', '', d)}" - -# Crypto SP. -DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-crypto', \ - ' ts-sp-crypto', '' , d)}" -SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-crypto', \ - ' ${TS_BIN}/${CRYPTO_UUID}.stripped.elf', '', d)}" - -# Attestation SP -DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-attestation', \ - ' ts-sp-attestation', '' , d)}" -SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-attestation', \ - ' ${TS_BIN}/${ATTESTATION_UUID}.stripped.elf', '', d)}" - -# Env-test SP -DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-env-test', \ - ' ts-sp-env-test', '' , d)}" -SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-env-test', \ - ' ${TS_BIN}/${ENV_TEST_UUID}.stripped.elf', '', d)}" - -# SE-Proxy SP -DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-se-proxy', \ - ' ts-sp-se-proxy', '' , d)}" -SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-se-proxy', \ - ' ${TS_BIN}/${SE_PROXY_UUID}.stripped.elf', '', d)}" - -# SMM Gateway -DEPENDS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-smm-gateway', \ - ' ts-sp-smm-gateway', '' , d)}" -SP_PATHS:append = "${@bb.utils.contains('MACHINE_FEATURES', 'ts-smm-gateway', \ - ' ${TS_BIN}/${SMM_GATEWAY_UUID}.stripped.elf', '', d)}" - -EXTRA_OEMAKE:append = "${@oe.utils.conditional('SP_PATHS', '', '', ' CFG_MAP_EXT_DT_SECURE=y CFG_SECURE_PARTITION=y SP_PATHS="${SP_PATHS}" ', d)}" From patchwork Mon Jan 8 21:18:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jon Mason X-Patchwork-Id: 37563 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9F3A9C47079 for ; Tue, 9 Jan 2024 16:32:11 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.21313.1704817931167776158 for ; Tue, 09 Jan 2024 08:32:11 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: jon.mason@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id DC0EAFEC for ; Tue, 9 Jan 2024 08:32:55 -0800 (PST) Received: from debian.lan?044arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 2FADD3F5A1 for ; Tue, 9 Jan 2024 08:32:10 -0800 (PST) From: Jon Mason To: meta-arm@lists.yoctoproject.org Subject: [PATCH 2/3] arm/optee-os: use sysroot in CFLAGS Date: Mon, 8 Jan 2024 15:18:45 -0600 Message-Id: <20240108211846.29349-2-jon.mason@arm.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20240108211846.29349-1-jon.mason@arm.com> References: <20240108211846.29349-1-jon.mason@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 09 Jan 2024 16:32:11 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5324 Per the comment in https://github.com/OP-TEE/optee_os/issues/4188 use sysroot in CFLAGS instead of the patch Signed-off-by: Jon Mason --- meta-arm/recipes-security/optee/optee-os.inc | 1 - ...ow-setting-sysroot-for-libgcc-lookup.patch | 35 ------------------- .../recipes-security/optee/optee-os_4.0.0.bb | 1 - meta-arm/recipes-security/optee/optee.inc | 2 ++ 4 files changed, 2 insertions(+), 37 deletions(-) delete mode 100644 meta-arm/recipes-security/optee/optee-os/0001-allow-setting-sysroot-for-libgcc-lookup.patch diff --git a/meta-arm/recipes-security/optee/optee-os.inc b/meta-arm/recipes-security/optee/optee-os.inc index 8e25d361..80ac0097 100644 --- a/meta-arm/recipes-security/optee/optee-os.inc +++ b/meta-arm/recipes-security/optee/optee-os.inc @@ -31,7 +31,6 @@ EXTRA_OEMAKE += " \ EXTRA_OEMAKE += " HOST_PREFIX=${HOST_PREFIX}" EXTRA_OEMAKE += " CROSS_COMPILE64=${HOST_PREFIX}" -CFLAGS[unexport] = "1" LDFLAGS[unexport] = "1" CPPFLAGS[unexport] = "1" AS[unexport] = "1" diff --git a/meta-arm/recipes-security/optee/optee-os/0001-allow-setting-sysroot-for-libgcc-lookup.patch b/meta-arm/recipes-security/optee/optee-os/0001-allow-setting-sysroot-for-libgcc-lookup.patch deleted file mode 100644 index b060952c..00000000 --- a/meta-arm/recipes-security/optee/optee-os/0001-allow-setting-sysroot-for-libgcc-lookup.patch +++ /dev/null @@ -1,35 +0,0 @@ -From d94ad6c6efb71f683b183e84919122bb6f3ac65d Mon Sep 17 00:00:00 2001 -From: Ross Burton -Date: Tue, 26 May 2020 14:38:02 -0500 -Subject: [PATCH] allow setting sysroot for libgcc lookup - -Explicitly pass the new variable LIBGCC_LOCATE_CFLAGS variable when searching -for the compiler libraries as there's no easy way to reliably pass --sysroot -otherwise. - -Upstream-Status: Pending [https://github.com/OP-TEE/optee_os/issues/4188] -Signed-off-by: Ross Burton - ---- - mk/gcc.mk | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/mk/gcc.mk b/mk/gcc.mk -index adc77a24f..81bfa78ad 100644 ---- a/mk/gcc.mk -+++ b/mk/gcc.mk -@@ -13,11 +13,11 @@ nostdinc$(sm) := -nostdinc -isystem $(shell $(CC$(sm)) \ - -print-file-name=include 2> /dev/null) - - # Get location of libgcc from gcc --libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \ -+libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \ - -print-libgcc-file-name 2> /dev/null) --libstdc++$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ -+libstdc++$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ - -print-file-name=libstdc++.a 2> /dev/null) --libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ -+libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \ - -print-file-name=libgcc_eh.a 2> /dev/null) - - # Define these to something to discover accidental use diff --git a/meta-arm/recipes-security/optee/optee-os_4.0.0.bb b/meta-arm/recipes-security/optee/optee-os_4.0.0.bb index 10b16aa0..a5a594fb 100644 --- a/meta-arm/recipes-security/optee/optee-os_4.0.0.bb +++ b/meta-arm/recipes-security/optee/optee-os_4.0.0.bb @@ -6,7 +6,6 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" SRCREV = "2a5b1d1232f582056184367fb58a425ac7478ec6" SRC_URI += " \ - file://0001-allow-setting-sysroot-for-libgcc-lookup.patch \ file://0002-core-Define-section-attributes-for-clang.patch \ file://0003-optee-enable-clang-support.patch \ file://0004-core-link-add-no-warn-rwx-segments.patch \ diff --git a/meta-arm/recipes-security/optee/optee.inc b/meta-arm/recipes-security/optee/optee.inc index 650f8d0b..af391f39 100644 --- a/meta-arm/recipes-security/optee/optee.inc +++ b/meta-arm/recipes-security/optee/optee.inc @@ -32,5 +32,7 @@ EXTRA_OEMAKE += "V=1 \ # right path until this is relocated automatically. export OPENSSL_MODULES="${STAGING_LIBDIR_NATIVE}/ossl-modules" +CFLAGS += "--sysroot=${STAGING_DIR_HOST}" + # See the rationale in https://github.com/f-secure-foundry/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2021-0001-OP-TEE_TrustZone_bypass.txt. CVE_STATUS[CVE-2021-36133] = "disputed: devices shipped open for development purposes" From patchwork Mon Jan 8 21:18:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jon Mason X-Patchwork-Id: 37561 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A9109C46CD2 for ; Tue, 9 Jan 2024 16:32:11 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.21130.1704817931293804993 for ; Tue, 09 Jan 2024 08:32:11 -0800 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: jon.mason@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 8006014BF for ; Tue, 9 Jan 2024 08:32:56 -0800 (PST) Received: from debian.lan?044arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 612713F5A1 for ; Tue, 9 Jan 2024 08:32:10 -0800 (PST) From: Jon Mason To: meta-arm@lists.yoctoproject.org Subject: [PATCH 3/3] arm/optee-os: remove unneeded clang patches Date: Mon, 8 Jan 2024 15:18:46 -0600 Message-Id: <20240108211846.29349-3-jon.mason@arm.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20240108211846.29349-1-jon.mason@arm.com> References: <20240108211846.29349-1-jon.mason@arm.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 09 Jan 2024 16:32:11 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/meta-arm/message/5325 These patches don't appear to be needed anymore. Removing them. Signed-off-by: Jon Mason --- ...-Define-section-attributes-for-clang.patch | 241 ------------------ .../0003-optee-enable-clang-support.patch | 2 +- ...4-core-link-add-no-warn-rwx-segments.patch | 63 ----- .../recipes-security/optee/optee-os_4.0.0.bb | 2 - 4 files changed, 1 insertion(+), 307 deletions(-) delete mode 100644 meta-arm/recipes-security/optee/optee-os/0002-core-Define-section-attributes-for-clang.patch delete mode 100644 meta-arm/recipes-security/optee/optee-os/0004-core-link-add-no-warn-rwx-segments.patch diff --git a/meta-arm/recipes-security/optee/optee-os/0002-core-Define-section-attributes-for-clang.patch b/meta-arm/recipes-security/optee/optee-os/0002-core-Define-section-attributes-for-clang.patch deleted file mode 100644 index 64fa9e45..00000000 --- a/meta-arm/recipes-security/optee/optee-os/0002-core-Define-section-attributes-for-clang.patch +++ /dev/null @@ -1,241 +0,0 @@ -From fc930e468045dda9eab4ebe6927cc322bb294f3b Mon Sep 17 00:00:00 2001 -From: Emekcan Aras -Date: Wed, 21 Dec 2022 10:55:58 +0000 -Subject: [PATCH] core: Define section attributes for clang - -Clang's attribute section is not same as gcc, here we need to add flags -to sections so they can be eventually collected by linker into final -output segments. Only way to do so with clang is to use - -pragma clang section ... - -The behavious is described here [1], this allows us to define names bss -sections. This was not an issue until clang-15 where LLD linker starts -to detect the section flags before merging them and throws the following -errors - -| ld.lld: error: section type mismatch for .nozi.kdata_page -| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/kernel/thread.o:(.nozi.kdata_page): SHT_PROGBITS -| >>> output section .nozi: SHT_NOBITS -| -| ld.lld: error: section type mismatch for .nozi.mmu.l2 -| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/mm/core_mmu_lpae.o:(.nozi.mmu.l2): SHT_PROGBITS -| >>> output section .nozi: SHT_NOBITS - -These sections should be carrying SHT_NOBITS but so far it was not -possible to do so, this patch tries to use clangs pragma to get this -going and match the functionality with gcc. - -[1] https://intel.github.io/llvm-docs/clang/LanguageExtensions.html#specifying-section-names-for-global-objects-pragma-clang-section - -Upstream-Status: Pending -Signed-off-by: Khem Raj - ---- - core/arch/arm/kernel/thread.c | 19 +++++++++++++++-- - core/arch/arm/mm/core_mmu_lpae.c | 35 +++++++++++++++++++++++++++---- - core/arch/arm/mm/core_mmu_v7.c | 36 +++++++++++++++++++++++++++++--- - core/kernel/thread.c | 13 +++++++++++- - core/mm/pgt_cache.c | 12 ++++++++++- - 5 files changed, 104 insertions(+), 11 deletions(-) - -diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c -index 66833b3a0..b3eb9cf9a 100644 ---- a/core/arch/arm/kernel/thread.c -+++ b/core/arch/arm/kernel/thread.c -@@ -45,15 +45,30 @@ static size_t thread_user_kcode_size __nex_bss; - #if defined(CFG_CORE_UNMAP_CORE_AT_EL0) && \ - defined(CFG_CORE_WORKAROUND_SPECTRE_BP_SEC) && defined(ARM64) - long thread_user_kdata_sp_offset __nex_bss; -+#ifdef __clang__ -+#ifndef CFG_VIRTUALIZATION -+#pragma clang section bss=".nozi.kdata_page" -+#else -+#pragma clang section bss=".nex_nozi.kdata_page" -+#endif -+#endif - static uint8_t thread_user_kdata_page[ - ROUNDUP(sizeof(struct thread_core_local) * CFG_TEE_CORE_NB_CORE, - SMALL_PAGE_SIZE)] - __aligned(SMALL_PAGE_SIZE) -+#ifndef __clang__ - #ifndef CFG_NS_VIRTUALIZATION -- __section(".nozi.kdata_page"); -+ __section(".nozi.kdata_page") - #else -- __section(".nex_nozi.kdata_page"); -+ __section(".nex_nozi.kdata_page") - #endif -+#endif -+ ; -+#endif -+ -+/* reset BSS section to default ( .bss ) */ -+#ifdef __clang__ -+#pragma clang section bss="" - #endif - - #ifdef ARM32 -diff --git a/core/arch/arm/mm/core_mmu_lpae.c b/core/arch/arm/mm/core_mmu_lpae.c -index 7e79f780a..ec4db9dc9 100644 ---- a/core/arch/arm/mm/core_mmu_lpae.c -+++ b/core/arch/arm/mm/core_mmu_lpae.c -@@ -233,19 +233,46 @@ typedef uint16_t l1_idx_t; - typedef uint64_t base_xlat_tbls_t[CFG_TEE_CORE_NB_CORE][NUM_BASE_LEVEL_ENTRIES]; - typedef uint64_t xlat_tbl_t[XLAT_TABLE_ENTRIES]; - -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.base_table" -+#endif - static base_xlat_tbls_t base_xlation_table[NUM_BASE_TABLES] - __aligned(NUM_BASE_LEVEL_ENTRIES * XLAT_ENTRY_SIZE) -- __section(".nozi.mmu.base_table"); -+#ifndef __clang__ -+ __section(".nozi.mmu.base_table") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.l2" -+#endif - static xlat_tbl_t xlat_tables[MAX_XLAT_TABLES] -- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2"); -+ __aligned(XLAT_TABLE_SIZE) -+#ifndef __clang__ -+ __section(".nozi.mmu.l2") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - - #define XLAT_TABLES_SIZE (sizeof(xlat_tbl_t) * MAX_XLAT_TABLES) - -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.l2" -+#endif - /* MMU L2 table for TAs, one for each thread */ - static xlat_tbl_t xlat_tables_ul1[CFG_NUM_THREADS] -- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2"); -- -+#ifndef __clang__ -+ __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - /* - * TAs page table entry inside a level 1 page table. - * -diff --git a/core/arch/arm/mm/core_mmu_v7.c b/core/arch/arm/mm/core_mmu_v7.c -index 61e703da8..1960c08ca 100644 ---- a/core/arch/arm/mm/core_mmu_v7.c -+++ b/core/arch/arm/mm/core_mmu_v7.c -@@ -204,16 +204,46 @@ typedef uint32_t l1_xlat_tbl_t[NUM_L1_ENTRIES]; - typedef uint32_t l2_xlat_tbl_t[NUM_L2_ENTRIES]; - typedef uint32_t ul1_xlat_tbl_t[NUM_UL1_ENTRIES]; - -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.l1" -+#endif - static l1_xlat_tbl_t main_mmu_l1_ttb -- __aligned(L1_ALIGNMENT) __section(".nozi.mmu.l1"); -+ __aligned(L1_ALIGNMENT) -+#ifndef __clang__ -+ __section(".nozi.mmu.l1") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - - /* L2 MMU tables */ -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.l2" -+#endif - static l2_xlat_tbl_t main_mmu_l2_ttb[MAX_XLAT_TABLES] -- __aligned(L2_ALIGNMENT) __section(".nozi.mmu.l2"); -+ __aligned(L2_ALIGNMENT) -+#ifndef __clang__ -+ __section(".nozi.mmu.l2") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - - /* MMU L1 table for TAs, one for each thread */ -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.ul1" -+#endif - static ul1_xlat_tbl_t main_mmu_ul1_ttb[CFG_NUM_THREADS] -- __aligned(UL1_ALIGNMENT) __section(".nozi.mmu.ul1"); -+ __aligned(UL1_ALIGNMENT) -+#ifndef __clang__ -+ __section(".nozi.mmu.ul1") -+#endif -+; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - - struct mmu_partition { - l1_xlat_tbl_t *l1_table; -diff --git a/core/kernel/thread.c b/core/kernel/thread.c -index 2a1f22dce..5516b6771 100644 ---- a/core/kernel/thread.c -+++ b/core/kernel/thread.c -@@ -39,13 +39,24 @@ static uint32_t end_canary_value = 0xababab00; - name[stack_num][sizeof(name[stack_num]) / sizeof(uint32_t) - 1] - #endif - -+#define DO_PRAGMA(x) _Pragma (#x) -+ -+#ifdef __clang__ -+#define DECLARE_STACK(name, num_stacks, stack_size, linkage) \ -+DO_PRAGMA (clang section bss=".nozi_stack." #name) \ -+linkage uint32_t name[num_stacks] \ -+ [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \ -+ STACK_ALIGNMENT) / sizeof(uint32_t)] \ -+ __attribute__((aligned(STACK_ALIGNMENT))); \ -+DO_PRAGMA(clang section bss="") -+#else - #define DECLARE_STACK(name, num_stacks, stack_size, linkage) \ - linkage uint32_t name[num_stacks] \ - [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \ - STACK_ALIGNMENT) / sizeof(uint32_t)] \ - __attribute__((section(".nozi_stack." # name), \ - aligned(STACK_ALIGNMENT))) -- -+#endif - #define GET_STACK(stack) ((vaddr_t)(stack) + STACK_SIZE(stack)) - - DECLARE_STACK(stack_tmp, CFG_TEE_CORE_NB_CORE, STACK_TMP_SIZE, -diff --git a/core/mm/pgt_cache.c b/core/mm/pgt_cache.c -index 79553c6d2..b9efdf427 100644 ---- a/core/mm/pgt_cache.c -+++ b/core/mm/pgt_cache.c -@@ -410,8 +410,18 @@ void pgt_init(void) - * has a large alignment, while .bss has a small alignment. The current - * link script is optimized for small alignment in .bss - */ -+#ifdef __clang__ -+#pragma clang section bss=".nozi.mmu.l2" -+#endif - static uint8_t pgt_tables[PGT_CACHE_SIZE][PGT_SIZE] -- __aligned(PGT_SIZE) __section(".nozi.pgt_cache"); -+ __aligned(PGT_SIZE) -+#ifndef __clang__ -+ __section(".nozi.pgt_cache") -+#endif -+ ; -+#ifdef __clang__ -+#pragma clang section bss="" -+#endif - size_t n; - - for (n = 0; n < ARRAY_SIZE(pgt_tables); n++) { diff --git a/meta-arm/recipes-security/optee/optee-os/0003-optee-enable-clang-support.patch b/meta-arm/recipes-security/optee/optee-os/0003-optee-enable-clang-support.patch index 299a24ea..3c13ce3f 100644 --- a/meta-arm/recipes-security/optee/optee-os/0003-optee-enable-clang-support.patch +++ b/meta-arm/recipes-security/optee/optee-os/0003-optee-enable-clang-support.patch @@ -1,4 +1,4 @@ -From b33de2f059f1394028a94ee9da081fa6644b50a2 Mon Sep 17 00:00:00 2001 +From 59d4c190eae11c93b26cca5a7b005a17dadc8248 Mon Sep 17 00:00:00 2001 From: Brett Warren Date: Wed, 23 Sep 2020 09:27:34 +0100 Subject: [PATCH] optee: enable clang support diff --git a/meta-arm/recipes-security/optee/optee-os/0004-core-link-add-no-warn-rwx-segments.patch b/meta-arm/recipes-security/optee/optee-os/0004-core-link-add-no-warn-rwx-segments.patch deleted file mode 100644 index 54b19efa..00000000 --- a/meta-arm/recipes-security/optee/optee-os/0004-core-link-add-no-warn-rwx-segments.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 024314135e8dfe40f26f63da55d0a1426f0a8691 Mon Sep 17 00:00:00 2001 -From: Jerome Forissier -Date: Fri, 5 Aug 2022 09:48:03 +0200 -Subject: [PATCH] core: link: add --no-warn-rwx-segments - -Signed-off-by: Anton Antonov -Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5474] - -binutils ld.bfd generates one RWX LOAD segment by merging several sections -with mixed R/W/X attributes (.text, .rodata, .data). After version 2.38 it -also warns by default when that happens [1], which breaks the build due to ---fatal-warnings. The RWX segment is not a problem for the TEE core, since -that information is not used to set memory permissions. Therefore, silence -the warning. - -Link: [1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107 -Link: https://sourceware.org/bugzilla/show_bug.cgi?id=29448 -Reported-by: Dominique Martinet -Signed-off-by: Jerome Forissier -Acked-by: Jens Wiklander - ---- - core/arch/arm/kernel/link.mk | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk -index 49e9f4fa1..9e1cc172f 100644 ---- a/core/arch/arm/kernel/link.mk -+++ b/core/arch/arm/kernel/link.mk -@@ -37,6 +37,7 @@ link-ldflags += --sort-section=alignment - link-ldflags += --fatal-warnings - link-ldflags += --gc-sections - link-ldflags += $(link-ldflags-common) -+link-ldflags += $(call ld-option,--no-warn-rwx-segments) - - link-ldadd = $(LDADD) - link-ldadd += $(ldflags-external) -@@ -61,6 +62,7 @@ link-script-cppflags := \ - $(cppflagscore)) - - ldargs-all_objs := -T $(link-script-dummy) --no-check-sections \ -+ $(call ld-option,--no-warn-rwx-segments) \ - $(link-ldflags-common) \ - $(link-objs) $(link-ldadd) $(libgcccore) - cleanfiles += $(link-out-dir)/all_objs.o -@@ -75,7 +77,7 @@ $(link-out-dir)/unpaged_entries.txt: $(link-out-dir)/all_objs.o - $(AWK) '/ ____keep_pager/ { printf "-u%s ", $$3 }' > $@ - - unpaged-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \ -- $(link-ldflags-common) -+ $(link-ldflags-common) $(call ld-option,--no-warn-rwx-segments) - unpaged-ldadd := $(objs) $(link-ldadd) $(libgcccore) - cleanfiles += $(link-out-dir)/unpaged.o - $(link-out-dir)/unpaged.o: $(link-out-dir)/unpaged_entries.txt -@@ -104,7 +106,7 @@ $(link-out-dir)/init_entries.txt: $(link-out-dir)/all_objs.o - $(AWK) '/ ____keep_init/ { printf "-u%s ", $$3 }' > $@ - - init-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \ -- $(link-ldflags-common) -+ $(link-ldflags-common) $(call ld-option,--no-warn-rwx-segments) - init-ldadd := $(link-objs-init) $(link-out-dir)/version.o $(link-ldadd) \ - $(libgcccore) - cleanfiles += $(link-out-dir)/init.o diff --git a/meta-arm/recipes-security/optee/optee-os_4.0.0.bb b/meta-arm/recipes-security/optee/optee-os_4.0.0.bb index a5a594fb..cb326042 100644 --- a/meta-arm/recipes-security/optee/optee-os_4.0.0.bb +++ b/meta-arm/recipes-security/optee/optee-os_4.0.0.bb @@ -6,7 +6,5 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" SRCREV = "2a5b1d1232f582056184367fb58a425ac7478ec6" SRC_URI += " \ - file://0002-core-Define-section-attributes-for-clang.patch \ file://0003-optee-enable-clang-support.patch \ - file://0004-core-link-add-no-warn-rwx-segments.patch \ "