From: Peter Griffin Date: Fri, 25 Oct 2019 09:34:53 +0000 (+0200) Subject: optee-client: Add support for optee-client imx fork X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=d331f7043142626ce2250ccd7f9a3e4791b1d377;p=meta-freescale.git optee-client: Add support for optee-client imx fork This also includes some backported gcc 8 fixes from upstream. Signed-off-by: Peter Griffin --- diff --git a/recipes-security/optee-imx/optee-client/0001-libteec-refactor-_dprintf.patch b/recipes-security/optee-imx/optee-client/0001-libteec-refactor-_dprintf.patch new file mode 100644 index 00000000..1c053f38 --- /dev/null +++ b/recipes-security/optee-imx/optee-client/0001-libteec-refactor-_dprintf.patch @@ -0,0 +1,171 @@ +Upstream-Status: Backport 3.3.0 + +Signed-off-by: Peter Griffin +--- +From 0361f9b21bb1acfaf23323a121f542fe03dcd2c8 Mon Sep 17 00:00:00 2001 +From: Jerome Forissier +Date: Thu, 5 Jul 2018 15:15:31 +0200 +Subject: [PATCH] libteec: refactor _dprintf() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +GCC8.1 gives an error when compiling _dprintf(): + +src/teec_trace.c: In function ‘_dprintf’: +src/teec_trace.c:110:5: error: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 246 [-Werror=format-truncation=] + "%s [%d] %s:%s:%d: %s", + ^~~~~~~~~~~~~~~~~~~~~~ +src/teec_trace.c:112:11: + line, raw); + ~~~ +src/teec_trace.c:109:3: note: ‘snprintf’ output 11 or more bytes (assuming 266) into a destination of size 256 + snprintf(prefixed, MAX_PRINT_SIZE, + ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + "%s [%d] %s:%s:%d: %s", + ~~~~~~~~~~~~~~~~~~~~~~~ + trace_level_strings[level], thread_id, prefix, func, + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + line, raw); + ~~~~~~~~~~ + +Fix this error by using a single output buffer, printing the prefix first +then the other arguments with the supplied format. + +In addition, further simplify the function by getting rid of things that +do not make much sense: +- Remove the 'flen' parameter, which is only ever set to zero or + strlen(__func__). +- Remove the TRACE_FUNC_LENGTH_CST macro which is not set by default and + does not seem very useful. +- Change the return type to void because callers do not care about success + or failure. + +Signed-off-by: Jerome Forissier +Reviewed-by: Joakim Bech +--- + libteec/src/teec_trace.c | 63 +++++++++++++++--------------------------------- + public/teec_trace.h | 8 +++--- + 2 files changed, 23 insertions(+), 48 deletions(-) + +diff --git a/libteec/src/teec_trace.c b/libteec/src/teec_trace.c +index 78b79d6..3a2a0da 100644 +--- a/libteec/src/teec_trace.c ++++ b/libteec/src/teec_trace.c +@@ -47,7 +47,6 @@ + * PPPP: MMMMM [FFFFFFFFFFFFFFF : LLLLL] + */ + #define MAX_PRINT_SIZE 256 +-#define MAX_FUNC_PRINT_SIZE 32 + + #ifdef TEEC_LOG_FILE + static void log_to_file(const char *buffer) +@@ -69,57 +68,33 @@ static const char * const trace_level_strings[] = { + "", "ERR", "INF", "DBG", "FLW" + }; + +-int _dprintf(const char *function, int flen, int line, int level, +- const char *prefix, const char *fmt, ...) ++void _dprintf(const char *function, int line, int level, const char *prefix, ++ const char *fmt, ...) + { +- char raw[MAX_PRINT_SIZE]; +- char prefixed[MAX_PRINT_SIZE]; +- char *to_print = NULL; +- const char *func; +- int err; ++ char msg[MAX_PRINT_SIZE]; ++ int n = 0; + va_list ap; + +- va_start(ap, fmt); +- err = vsnprintf(raw, sizeof(raw), fmt, ap); +- va_end(ap); +- + if (function) { +-#ifdef TRACE_FUNC_LENGTH_CST +- char func_buf[MAX_FUNC_PRINT_SIZE]; +- /* Limit the function name to MAX_FUNC_PRINT_SIZE characters. */ +- strncpy(func_buf, function, flen > MAX_FUNC_PRINT_SIZE ? +- (MAX_FUNC_PRINT_SIZE - 1) : flen); +- if (flen < (MAX_FUNC_PRINT_SIZE - 1)) { +- memset(func_buf + flen, 0x20, +- (MAX_FUNC_PRINT_SIZE - flen)); +- } +- func_buf[MAX_FUNC_PRINT_SIZE - 1] = '\0'; +- func = func_buf; +-#else +- (void)flen; +- func = function; +-#endif ++ int thread_id = syscall(SYS_gettid); + +- /* +- * pthread_self returns the POSIX tid which is different from +- * the kernel id +- */ +- int thread_id = syscall(SYS_gettid); /* perf issue ? */ +- +- snprintf(prefixed, MAX_PRINT_SIZE, +- "%s [%d] %s:%s:%d: %s", +- trace_level_strings[level], thread_id, prefix, func, +- line, raw); +- to_print = prefixed; +- } else { +- to_print = raw; ++ n = snprintf(msg, sizeof(msg), "%s [%d] %s:%s:%d: ", ++ trace_level_strings[level], thread_id, prefix, ++ function, line); ++ if (n < 0) ++ return; + } + +- fprintf(stdout, "%s", to_print); +- +- log_to_file(to_print); ++ if ((size_t)n < sizeof(msg)) { ++ va_start(ap, fmt); ++ n = vsnprintf(msg + n, sizeof(msg) - n, fmt, ap); ++ va_end(ap); ++ if (n < 0) ++ return; ++ } + +- return err; ++ fprintf(stdout, "%s", msg); ++ log_to_file(msg); + } + + #if (defined(DEBUGLEVEL_3) || defined(DEBUGLEVEL_true) || defined(DEBUGLEVEL_4)) +diff --git a/public/teec_trace.h b/public/teec_trace.h +index 28e290c..f75358f 100644 +--- a/public/teec_trace.h ++++ b/public/teec_trace.h +@@ -91,12 +91,12 @@ extern "C" { + #define __PRINTFLIKE(__fmt, __varargs) __attribute__\ + ((__format__(__printf__, __fmt, __varargs))) + +-int _dprintf(const char *function, int flen, int line, int level, +- const char *prefix, const char *fmt, ...) __PRINTFLIKE(6, 7); ++void _dprintf(const char *function, int line, int level, const char *prefix, ++ const char *fmt, ...) __PRINTFLIKE(5, 6); + + #define dprintf(level, x...) do { \ + if ((level) <= DEBUGLEVEL) { \ +- _dprintf(__func__, strlen(__func__), __LINE__, level, \ ++ _dprintf(__func__, __LINE__, level, \ + BINARY_PREFIX, x); \ + } \ + } while (0) +@@ -118,7 +118,7 @@ int _dprintf(const char *function, int flen, int line, int level, + + #define dprintf_raw(level, x...) do { \ + if ((level) <= DEBUGLEVEL) \ +- _dprintf(0, 0, 0, (level), BINARY_PREFIX, x); \ ++ _dprintf(0, 0, (level), BINARY_PREFIX, x); \ + } while (0) + + #define EMSG_RAW(fmt, ...) dprintf_raw(TRACE_ERROR, fmt, ##__VA_ARGS__) +-- +2.7.4 + diff --git a/recipes-security/optee-imx/optee-client/tee-supplicant.service b/recipes-security/optee-imx/optee-client/tee-supplicant.service new file mode 100644 index 00000000..0e2b4f6b --- /dev/null +++ b/recipes-security/optee-imx/optee-client/tee-supplicant.service @@ -0,0 +1,11 @@ +[Unit] +Description=TEE Supplicant + +[Service] +User=root +EnvironmentFile=-/etc/default/tee-supplicant +ExecStart=/usr/bin/tee-supplicant $OPTARGS + +[Install] +WantedBy=basic.target + diff --git a/recipes-security/optee-imx/optee-client_3.2.0.imx.bb b/recipes-security/optee-imx/optee-client_3.2.0.imx.bb new file mode 100644 index 00000000..2b0bcf48 --- /dev/null +++ b/recipes-security/optee-imx/optee-client_3.2.0.imx.bb @@ -0,0 +1,57 @@ +# Copyright (C) 2017-2018 NXP + +SUMMARY = "OPTEE Client libs" +HOMEPAGE = "http://www.optee.org/" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b" + +inherit pythonnative systemd + +SRCBRANCH = "imx_4.14.78_1.0.0_ga" +OPTEE_CLIENT_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-client.git;protocol=https" +SRC_URI = "${OPTEE_CLIENT_SRC};branch=${SRCBRANCH}" + +SRCREV = "d06647d201520ac57f1331e97db6138d63bc2666" + +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" + +SRC_URI_append = " file://0001-libteec-refactor-_dprintf.patch \ + file://tee-supplicant.service" + +S = "${WORKDIR}/git" +SYSTEMD_SERVICE_${PN} = "tee-supplicant.service" + +EXTRA_OEMAKE = "CFG_SECURE_DATA_PATH=y" + +do_compile () { + if [ ${DEFAULTTUNE} = "aarch64" ]; then + oe_runmake -C ${S} ARCH=arm64 + else + oe_runmake -C ${S} ARCH=arm + fi +} + +do_install () { + oe_runmake install + + install -D -p -m0644 ${S}/out/export/lib/libteec.so.1.0 ${D}${libdir}/libteec.so.1.0 + ln -sf libteec.so.1.0 ${D}${libdir}/libteec.so + ln -sf libteec.so.1.0 ${D}${libdir}/libteec.so.1 + + install -D -p -m0755 ${S}/out/export/bin/tee-supplicant ${D}${bindir}/tee-supplicant + + cp -a ${S}/out/export/include ${D}/usr/ + + sed -i -e s:/etc:${sysconfdir}:g -e s:/usr/bin:${bindir}:g ${WORKDIR}/tee-supplicant.service + install -D -p -m0644 ${WORKDIR}/tee-supplicant.service ${D}${systemd_system_unitdir}/tee-supplicant.service +} + +PACKAGES += "tee-supplicant" +FILES_${PN} += "${libdir}/* ${includedir}/*" +FILES_tee-supplicant += "${bindir}/tee-supplicant" + +INSANE_SKIP_${PN} = "ldflags dev-elf" +INSANE_SKIP_${PN}-dev = "ldflags dev-elf" +INSANE_SKIP_tee-supplicant = "ldflags" + +COMPATIBLE_MACHINE = "(mx6|mx7|mx8)"