From bd64fdb32c6ebbc050ed7c5fcb34f51ff66ab4b8 Mon Sep 17 00:00:00 2001 From: Etienne Carriere Date: Wed, 30 Jan 2019 11:47:25 +0100 Subject: [PATCH] package/optee-examples: new package This package generates embedded Linux based OS userland client applications and OP-TEE OS trusted applications all embedded in the file system. These applications shows how to use the APIs OP-TEE OS is based on, both in the non secure and secure worlds. Package is added next to the OP-TEE client package in the BR package configuration. This change references in Buildroot the today's latest OP-TEE revision release tagged 3.4.0 with an added patch to fix an issue reported by recent GCC toolchains. Signed-off-by: Etienne Carriere [Thomas: - drop version selection - propagate !BR2_STATIC_LIBS dependency of optee-client - make sure BR2_TARGET_OPTEE_OS_SDK is selected - use a patch generated by git format-patch - simplify the construct to build the examples] Signed-off-by: Thomas Petazzoni --- DEVELOPERS | 1 + package/Config.in | 1 + ...-fix-deprecated-size_t-type-for-size.patch | 42 +++++++++++++++++++ package/optee-examples/Config.in | 23 ++++++++++ package/optee-examples/optee-examples.hash | 4 ++ package/optee-examples/optee-examples.mk | 37 ++++++++++++++++ 6 files changed, 108 insertions(+) create mode 100644 package/optee-examples/0001-fix-deprecated-size_t-type-for-size.patch create mode 100644 package/optee-examples/Config.in create mode 100644 package/optee-examples/optee-examples.hash create mode 100644 package/optee-examples/optee-examples.mk diff --git a/DEVELOPERS b/DEVELOPERS index 4089f00acd..dec6d004f6 100644 --- a/DEVELOPERS +++ b/DEVELOPERS @@ -690,6 +690,7 @@ F: package/szip/ N: Etienne Carriere F: boot/optee-os/ F: package/optee-client/ +F: package/optee-examples/ N: Eugene Tarassov F: package/tcf-agent/ diff --git a/package/Config.in b/package/Config.in index 7c010e1d21..5eb0acfd20 100644 --- a/package/Config.in +++ b/package/Config.in @@ -2080,6 +2080,7 @@ endmenu menu "Security" source "package/checkpolicy/Config.in" source "package/optee-client/Config.in" + source "package/optee-examples/Config.in" source "package/paxtest/Config.in" source "package/policycoreutils/Config.in" source "package/refpolicy/Config.in" diff --git a/package/optee-examples/0001-fix-deprecated-size_t-type-for-size.patch b/package/optee-examples/0001-fix-deprecated-size_t-type-for-size.patch new file mode 100644 index 0000000000..4f1fb38305 --- /dev/null +++ b/package/optee-examples/0001-fix-deprecated-size_t-type-for-size.patch @@ -0,0 +1,42 @@ +From 1a2713ac698410fb1a889941d52df12a7bd75f3b Mon Sep 17 00:00:00 2001 +From: Etienne Carriere +Date: Sun, 17 Feb 2019 22:17:21 +0100 +Subject: [PATCH] secure_storage: fix deprecated size_t type for size + +size_t types is an deprecated type used in GPD API v1.0. +Update + +Error reported by GCC 7.3-2018.05: + secure_storage_ta.c:203:6: warning: passing argument 4 of 'TEE_ReadObjectData' from incompatible pointer type [-Wincompatible-pointer-types] + &read_bytes); + +Signed-off-by: Etienne Carriere +--- + secure_storage/ta/secure_storage_ta.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/secure_storage/ta/secure_storage_ta.c b/secure_storage/ta/secure_storage_ta.c +index d120e47..3ccc12d 100644 +--- a/secure_storage/ta/secure_storage_ta.c ++++ b/secure_storage/ta/secure_storage_ta.c +@@ -146,7 +146,7 @@ static TEE_Result read_raw_object(uint32_t param_types, TEE_Param params[4]) + TEE_ObjectHandle object; + TEE_ObjectInfo object_info; + TEE_Result res; +- size_t read_bytes; ++ uint32_t read_bytes; + char *obj_id; + size_t obj_id_sz; + char *data; +@@ -202,7 +202,7 @@ static TEE_Result read_raw_object(uint32_t param_types, TEE_Param params[4]) + res = TEE_ReadObjectData(object, data, object_info.dataSize, + &read_bytes); + if (res != TEE_SUCCESS || read_bytes != object_info.dataSize) { +- EMSG("TEE_ReadObjectData failed 0x%08x, read %u over %u", ++ EMSG("TEE_ReadObjectData failed 0x%08x, read %" PRIu32 " over %u", + res, read_bytes, object_info.dataSize); + goto exit; + } +-- +2.20.1 + diff --git a/package/optee-examples/Config.in b/package/optee-examples/Config.in new file mode 100644 index 0000000000..479f9204bb --- /dev/null +++ b/package/optee-examples/Config.in @@ -0,0 +1,23 @@ +config BR2_PACKAGE_OPTEE_EXAMPLES + bool "optee-examples" + depends on BR2_TARGET_OPTEE_OS + depends on !BR2_STATIC_LIBS # optee-client + select BR2_PACKAGE_OPTEE_CLIENT + select BR2_TARGET_OPTEE_OS_SDK + help + Enable the OP-TEE examples package that brings examples of + implementation of OP-TEE non-secure client applications and + secure trusted applications. OP-TEE examples is a + component delivered by the OP-TEE project. + + Trusted application binary files are installed in the target + directory /lib/optee_armtz as other trusted applications. + At runtime OP-TEE OS can load trusted applications from this + non-secure filesystem/directory into the secure world for + execution. + + https://github.com/linaro-swg/optee_examples + +comment "optee-examples needs a toolchain w/ dynamic library" + depends on BR2_TARGET_OPTEE_OS + depends on BR2_STATIC_LIBS diff --git a/package/optee-examples/optee-examples.hash b/package/optee-examples/optee-examples.hash new file mode 100644 index 0000000000..077fd9757c --- /dev/null +++ b/package/optee-examples/optee-examples.hash @@ -0,0 +1,4 @@ +# From https://github.com/linaro-swg/optee_examples/archive/3.4.0.tar.gz +sha256 d833753980ac438c1675787857bb8352997352212334274de9419770097ce039 optee-examples-3.4.0.tar.gz +# Locally computed +sha256 6f1ef8449cb82ae79d2155605f7985bdf0f08e7ab5007de9b4362e8bf28733b9 LICENSE diff --git a/package/optee-examples/optee-examples.mk b/package/optee-examples/optee-examples.mk new file mode 100644 index 0000000000..10fe62b72a --- /dev/null +++ b/package/optee-examples/optee-examples.mk @@ -0,0 +1,37 @@ +################################################################################ +# +# optee-examples +# +################################################################################ + +OPTEE_EXAMPLES_VERSION = 3.4.0 +OPTEE_EXAMPLES_SITE = $(call github,linaro-swg,optee_examples,$(OPTEE_EXAMPLES_VERSION)) +OPTEE_EXAMPLES_LICENSE = BSD-2-Clause +OPTEE_EXAMPLES_LICENSE_FILES = LICENSE + +OPTEE_EXAMPLES_DEPENDENCIES = optee-client optee-os + +ifeq ($(BR2_aarch64),y) +OPTEE_EXAMPLES_SDK = $(STAGING_DIR)/lib/optee/export-ta_arm64 +else ifeq ($(BR2_arm),y) +OPTEE_EXAMPLES_SDK = $(STAGING_DIR)/lib/optee/export-ta_arm32 +endif + +# Trusted Application are not built from CMake due to ta_dev_kit dependencies. +# We must build and install them on target. +define OPTEE_EXAMPLES_BUILD_TAS + $(foreach f,$(wildcard $(@D)/*/ta/Makefile), \ + $(TARGET_CONFIGURE_OPTS) \ + $(MAKE) CROSS_COMPILE=$(TARGET_CROSS) \ + TA_DEV_KIT_DIR=$(OPTEE_EXAMPLES_SDK) \ + O=out -C $(dir $f) all + ) +endef +define OPTEE_EXAMPLES_INSTALL_TAS + @mkdir -p $(TARGET_DIR)/lib/optee_armtz + @$(INSTALL) -D -m 444 -t $(TARGET_DIR)/lib/optee_armtz $(@D)/*/ta/out/*.ta +endef +OPTEE_EXAMPLES_POST_BUILD_HOOKS += OPTEE_EXAMPLES_BUILD_TAS +OPTEE_EXAMPLES_POST_INSTALL_TARGET_HOOKS += OPTEE_EXAMPLES_INSTALL_TAS + +$(eval $(cmake-package)) -- 2.30.2