optee-client: Add support for optee-client imx fork

This also includes some backported gcc 8 fixes from upstream.

Signed-off-by: Peter Griffin <peter.griffin@linaro.org>

3 files changed, 239 insertions, 0 deletions

diff --git a/recipes-security/optee-imx/optee-client/0001-libteec-refactor-_dprintf.patch b/recipes-security/optee-imx/optee-client/0001-libteec-refactor-_dprintf.patch
new file mode 100644
index 000000000..1c053f38d
--- /dev/null
+++ b/recipes-security/optee-imx/optee-client/0001-libteec-refactor-_dprintf.patch
@@ -0,0 +1,171 @@
+Upstream-Status: Backport 3.3.0
+
+Signed-off-by: Peter Griffin <peter.griffin@linaro.org>
+---
+From 0361f9b21bb1acfaf23323a121f542fe03dcd2c8 Mon Sep 17 00:00:00 2001
+From: Jerome Forissier <jerome.forissier@linaro.org>
+Date: Thu, 5 Jul 2018 15:15:31 +0200
+Subject: [PATCH] libteec: refactor _dprintf()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+GCC8.1 gives an error when compiling _dprintf():
+
+src/teec_trace.c: In function ‘_dprintf’:
+src/teec_trace.c:110:5: error: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 246 [-Werror=format-truncation=]
+     "%s [%d] %s:%s:%d: %s",
+     ^~~~~~~~~~~~~~~~~~~~~~
+src/teec_trace.c:112:11:
+     line, raw);
+           ~~~
+src/teec_trace.c:109:3: note: ‘snprintf’ output 11 or more bytes (assuming 266) into a destination of size 256
+   snprintf(prefixed, MAX_PRINT_SIZE,
+   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+     "%s [%d] %s:%s:%d: %s",
+     ~~~~~~~~~~~~~~~~~~~~~~~
+     trace_level_strings[level], thread_id, prefix, func,
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+     line, raw);
+     ~~~~~~~~~~
+
+Fix this error by using a single output buffer, printing the prefix first
+then the other arguments with the supplied format.
+
+In addition, further simplify the function by getting rid of things that
+do not make much sense:
+- Remove the 'flen' parameter, which is only ever set to zero or
+  strlen(__func__).
+- Remove the TRACE_FUNC_LENGTH_CST macro which is not set by default and
+  does not seem very useful.
+- Change the return type to void because callers do not care about success
+  or failure.
+
+Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
+Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
+---
+ libteec/src/teec_trace.c | 63 +++++++++++++++---------------------------------
+ public/teec_trace.h      |  8 +++---
+ 2 files changed, 23 insertions(+), 48 deletions(-)
+
+diff --git a/libteec/src/teec_trace.c b/libteec/src/teec_trace.c
+index 78b79d6..3a2a0da 100644
+--- a/libteec/src/teec_trace.c
++++ b/libteec/src/teec_trace.c
+@@ -47,7 +47,6 @@
+  * PPPP: MMMMM [FFFFFFFFFFFFFFF : LLLLL]
+  */
+ #define MAX_PRINT_SIZE 256
+-#define MAX_FUNC_PRINT_SIZE 32
+ 
+ #ifdef TEEC_LOG_FILE
+ static void log_to_file(const char *buffer)
+@@ -69,57 +68,33 @@ static const char * const trace_level_strings[] = {
+        "", "ERR", "INF", "DBG", "FLW"
+ };
+ 
+-int _dprintf(const char *function, int flen, int line, int level,
+-            const char *prefix, const char *fmt, ...)
++void _dprintf(const char *function, int line, int level, const char *prefix,
++             const char *fmt, ...)
+ {
+-       char raw[MAX_PRINT_SIZE];
+-       char prefixed[MAX_PRINT_SIZE];
+-       char *to_print = NULL;
+-       const char *func;
+-       int err;
++       char msg[MAX_PRINT_SIZE];
++       int n = 0;
+        va_list ap;
+ 
+-       va_start(ap, fmt);
+-       err = vsnprintf(raw, sizeof(raw), fmt, ap);
+-       va_end(ap);
+-
+        if (function) {
+-#ifdef TRACE_FUNC_LENGTH_CST
+-               char func_buf[MAX_FUNC_PRINT_SIZE];
+-               /* Limit the function name to MAX_FUNC_PRINT_SIZE characters. */
+-               strncpy(func_buf, function, flen > MAX_FUNC_PRINT_SIZE ?
+-                       (MAX_FUNC_PRINT_SIZE - 1) : flen);
+-               if (flen < (MAX_FUNC_PRINT_SIZE - 1)) {
+-                       memset(func_buf + flen, 0x20,
+-                              (MAX_FUNC_PRINT_SIZE - flen));
+-               }
+-               func_buf[MAX_FUNC_PRINT_SIZE - 1] = '\0';
+-               func = func_buf;
+-#else
+-               (void)flen;
+-               func = function;
+-#endif
++               int thread_id = syscall(SYS_gettid);
+ 
+-               /*
+-                * pthread_self returns the POSIX tid which is different from
+-                * the kernel id
+-                */
+-               int thread_id = syscall(SYS_gettid);    /* perf issue ? */
+-
+-               snprintf(prefixed, MAX_PRINT_SIZE,
+-                        "%s [%d] %s:%s:%d: %s",
+-                        trace_level_strings[level], thread_id, prefix, func,
+-                        line, raw);
+-               to_print = prefixed;
+-       } else {
+-               to_print = raw;
++               n = snprintf(msg, sizeof(msg), "%s [%d] %s:%s:%d: ",
++                       trace_level_strings[level], thread_id, prefix,
++                       function, line);
++               if (n < 0)
++                       return;
+        }
+ 
+-       fprintf(stdout, "%s", to_print);
+-
+-       log_to_file(to_print);
++       if ((size_t)n < sizeof(msg)) {
++               va_start(ap, fmt);
++               n = vsnprintf(msg + n, sizeof(msg) - n, fmt, ap);
++               va_end(ap);
++               if (n < 0)
++                       return;
++       }
+ 
+-       return err;
++       fprintf(stdout, "%s", msg);
++       log_to_file(msg);
+ }
+ 
+ #if (defined(DEBUGLEVEL_3) || defined(DEBUGLEVEL_true) || defined(DEBUGLEVEL_4))
+diff --git a/public/teec_trace.h b/public/teec_trace.h
+index 28e290c..f75358f 100644
+--- a/public/teec_trace.h
++++ b/public/teec_trace.h
+@@ -91,12 +91,12 @@ extern "C" {
+ #define __PRINTFLIKE(__fmt, __varargs) __attribute__\
+        ((__format__(__printf__, __fmt, __varargs)))
+ 
+-int _dprintf(const char *function, int flen, int line, int level,
+-            const char *prefix, const char *fmt, ...) __PRINTFLIKE(6, 7);
++void _dprintf(const char *function, int line, int level, const char *prefix,
++             const char *fmt, ...) __PRINTFLIKE(5, 6);
+ 
+ #define dprintf(level, x...) do { \
+                if ((level) <= DEBUGLEVEL) { \
+-                       _dprintf(__func__, strlen(__func__), __LINE__, level, \
++                       _dprintf(__func__, __LINE__, level, \
+                                 BINARY_PREFIX, x); \
+                } \
+        } while (0)
+@@ -118,7 +118,7 @@ int _dprintf(const char *function, int flen, int line, int level,
+ 
+ #define dprintf_raw(level, x...) do { \
+                if ((level) <= DEBUGLEVEL) \
+-                       _dprintf(0, 0, 0, (level), BINARY_PREFIX, x); \
++                       _dprintf(0, 0, (level), BINARY_PREFIX, x); \
+        } while (0)
+ 
+ #define EMSG_RAW(fmt, ...)   dprintf_raw(TRACE_ERROR, fmt, ##__VA_ARGS__)
+-- 
+2.7.4
+
diff --git a/recipes-security/optee-imx/optee-client/tee-supplicant.service b/recipes-security/optee-imx/optee-client/tee-supplicant.service
new file mode 100644
index 000000000..0e2b4f6ba
--- /dev/null
+++ b/recipes-security/optee-imx/optee-client/tee-supplicant.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=TEE Supplicant
+
+[Service]
+User=root
+EnvironmentFile=-/etc/default/tee-supplicant
+ExecStart=/usr/bin/tee-supplicant $OPTARGS
+
+[Install]
+WantedBy=basic.target
+
diff --git a/recipes-security/optee-imx/optee-client_3.2.0.imx.bb b/recipes-security/optee-imx/optee-client_3.2.0.imx.bb
new file mode 100644
index 000000000..2b0bcf48c
--- /dev/null
+++ b/recipes-security/optee-imx/optee-client_3.2.0.imx.bb
@@ -0,0 +1,57 @@
+# Copyright (C) 2017-2018 NXP
+
+SUMMARY = "OPTEE Client libs"
+HOMEPAGE = "http://www.optee.org/"
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=69663ab153298557a59c67a60a743e5b"
+
+inherit pythonnative systemd
+
+SRCBRANCH = "imx_4.14.78_1.0.0_ga"
+OPTEE_CLIENT_SRC ?= "git://source.codeaurora.org/external/imx/imx-optee-client.git;protocol=https"
+SRC_URI = "${OPTEE_CLIENT_SRC};branch=${SRCBRANCH}"
+
+SRCREV = "d06647d201520ac57f1331e97db6138d63bc2666" 
+
+FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+
+SRC_URI_append = " file://0001-libteec-refactor-_dprintf.patch \
+                   file://tee-supplicant.service"
+
+S = "${WORKDIR}/git"
+SYSTEMD_SERVICE_${PN} = "tee-supplicant.service"
+
+EXTRA_OEMAKE = "CFG_SECURE_DATA_PATH=y"
+
+do_compile () {
+    if [ ${DEFAULTTUNE} = "aarch64" ]; then
+        oe_runmake -C ${S} ARCH=arm64
+    else
+        oe_runmake -C ${S} ARCH=arm
+    fi
+}
+
+do_install () {
+        oe_runmake install
+
+        install -D -p -m0644 ${S}/out/export/lib/libteec.so.1.0 ${D}${libdir}/libteec.so.1.0
+        ln -sf libteec.so.1.0 ${D}${libdir}/libteec.so
+        ln -sf libteec.so.1.0 ${D}${libdir}/libteec.so.1
+
+        install -D -p -m0755 ${S}/out/export/bin/tee-supplicant ${D}${bindir}/tee-supplicant
+
+        cp -a ${S}/out/export/include ${D}/usr/
+
+        sed -i -e s:/etc:${sysconfdir}:g -e s:/usr/bin:${bindir}:g ${WORKDIR}/tee-supplicant.service
+        install -D -p -m0644 ${WORKDIR}/tee-supplicant.service ${D}${systemd_system_unitdir}/tee-supplicant.service
+}
+
+PACKAGES += "tee-supplicant"
+FILES_${PN} += "${libdir}/* ${includedir}/*"
+FILES_tee-supplicant += "${bindir}/tee-supplicant"
+
+INSANE_SKIP_${PN} = "ldflags dev-elf"
+INSANE_SKIP_${PN}-dev = "ldflags dev-elf"
+INSANE_SKIP_tee-supplicant = "ldflags"
+
+COMPATIBLE_MACHINE = "(mx6|mx7|mx8)"