new file mode 100644
@@ -0,0 +1,10 @@
+[Unit]
+Description=TEE Supplicant
+
+[Service]
+User=root
+EnvironmentFile=-@sysconfdir@/default/tee-supplicant
+ExecStart=@sbindir@/tee-supplicant $OPTARGS
+
+[Install]
+WantedBy=basic.target
new file mode 100644
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+# Source function library
+. /etc/init.d/functions
+
+NAME=tee-supplicant
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DESC="OP-TEE Supplicant"
+
+DAEMON=@sbindir@/$NAME
+
+test -f $DAEMON || exit 0
+
+test -f @sysconfdir@/default/$NAME && . @sysconfdir@/default/$NAME
+test -f @sysconfdir@/default/rcS && . @sysconfdir@/default/rcS
+
+SSD_OPTIONS="--oknodo --quiet --exec $DAEMON -- -d $OPTARGS"
+
+set -e
+
+case $1 in
+ start)
+ echo -n "Starting $DESC: "
+ start-stop-daemon --start $SSD_OPTIONS
+ echo "${DAEMON##*/}."
+ ;;
+ stop)
+ echo -n "Stopping $DESC: "
+ start-stop-daemon --stop $SSD_OPTIONS
+ echo "${DAEMON##*/}."
+ ;;
+ restart|force-reload)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+ status)
+ status ${DAEMON} || exit $?
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|force-reload|status}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
similarity index 52%
rename from meta-arm/recipes-security/optee/optee-client_3.18.0.bb
rename to meta-arm-bsp/recipes-security/optee/optee-client_3.18.0.bb
@@ -1,3 +1,3 @@
-require optee-client.inc
+require recipes-security/optee/optee-client.inc
SRCREV = "e7cba71cc6e2ecd02f412c7e9ee104f0a5dffc6f"
similarity index 73%
rename from meta-arm/recipes-security/optee/optee-client_3.20.0.bb
rename to meta-arm-bsp/recipes-security/optee/optee-client_3.20.0.bb
@@ -1,4 +1,4 @@
-require optee-client.inc
+require recipes-security/optee/optee-client.inc
SRCREV = "dd2d39b49975d2ada7870fe2b7f5a84d0d3860dc"
similarity index 51%
rename from meta-arm/recipes-security/optee/optee-examples_3.18.0.bb
rename to meta-arm-bsp/recipes-security/optee/optee-examples_3.18.0.bb
@@ -1,3 +1,3 @@
-require optee-examples.inc
+require recipes-security/optee/optee-examples.inc
SRCREV = "f301ee9df2129c0db683e726c91dc2cefe4cdb65"
similarity index 51%
rename from meta-arm/recipes-security/optee/optee-examples_3.20.0.bb
rename to meta-arm-bsp/recipes-security/optee/optee-examples_3.20.0.bb
@@ -1,3 +1,3 @@
-require optee-examples.inc
+require recipes-security/optee/optee-examples.inc
SRCREV = "a98d01e1b9168eaed96bcd0bac0df67c44a81081"
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.18.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.18.0/0002-optee-enable-clang-support.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0002-optee-enable-clang-support.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.18.0/0003-core-link-add-no-warn-rwx-segments.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0003-core-link-add-no-warn-rwx-segments.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.18.0/0004-core-Define-section-attributes-for-clang.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0004-core-Define-section-attributes-for-clang.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.18.0/0005-core-ldelf-link-add-z-execstack.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0005-core-ldelf-link-add-z-execstack.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.20.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.20.0/0002-optee-enable-clang-support.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0002-optee-enable-clang-support.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.20.0/0003-core-link-add-no-warn-rwx-segments.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0003-core-link-add-no-warn-rwx-segments.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.20.0/0004-core-Define-section-attributes-for-clang.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0004-core-Define-section-attributes-for-clang.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.20.0/0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.20.0/0006-core-ffa-add-TOS_FW_CONFIG-handling.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0006-core-ffa-add-TOS_FW_CONFIG-handling.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.20.0/0007-core-spmc-handle-non-secure-interrupts.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0007-core-spmc-handle-non-secure-interrupts.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-3.20.0/0008-core-spmc-configure-SP-s-NS-interrupt-action-based-o.patch
rename to meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0008-core-spmc-configure-SP-s-NS-interrupt-action-based-o.patch
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-tadevkit_3.18.0.bb
rename to meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.18.0.bb
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-tadevkit_3.20.0.bb
rename to meta-arm-bsp/recipes-security/optee/optee-os-tadevkit_3.20.0.bb
similarity index 100%
rename from meta-arm/recipes-security/optee/optee-os-ts-3.18.inc
rename to meta-arm-bsp/recipes-security/optee/optee-os-ts-3.18.inc
similarity index 88%
rename from meta-arm/recipes-security/optee/optee-os_3.18.0.bb
rename to meta-arm-bsp/recipes-security/optee/optee-os_3.18.0.bb
@@ -1,4 +1,4 @@
-require optee-os.inc
+require recipes-security/optee/optee-os.inc
DEPENDS += "dtc-native"
similarity index 91%
rename from meta-arm/recipes-security/optee/optee-os_3.20.0.bb
rename to meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bb
@@ -1,4 +1,4 @@
-require optee-os.inc
+require recipes-security/optee/optee-os.inc
DEPENDS += "dtc-native"
new file mode 100644
@@ -0,0 +1,39 @@
+From 7e15470f3dd45c844f0e0901f0c85c46a0882b8b Mon Sep 17 00:00:00 2001
+From: Gabor Toth <gabor.toth2@arm.com>
+Date: Fri, 3 Mar 2023 12:23:45 +0100
+Subject: [PATCH 1/2] Update arm_ffa_user driver dependency
+
+Updating arm-ffa-user to v5.0.1 to get the following changes:
+ - move to 64 bit direct messages
+ - add Linux Kernel v6.1 compatibility
+The motivation is to update x-test to depend on the same driver
+version as TS uefi-test and thus to enable running these in a single
+configuration.
+Note: arm_ffa_user.h was copied from:
+ - URL:https://git.gitlab.arm.com/linux-arm/linux-trusted-services.git
+ - SHA:18e3be71f65a405dfb5d97603ae71b3c11759861
+
+Upstream-Status: Backport
+
+Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
+Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
+---
+ host/xtest/include/uapi/linux/arm_ffa_user.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/host/xtest/include/uapi/linux/arm_ffa_user.h b/host/xtest/include/uapi/linux/arm_ffa_user.h
+index 9ef0be3..0acde4f 100644
+--- a/host/xtest/include/uapi/linux/arm_ffa_user.h
++++ b/host/xtest/include/uapi/linux/arm_ffa_user.h
+@@ -33,7 +33,7 @@ struct ffa_ioctl_ep_desc {
+ * @dst_id: [in] 16-bit ID of destination endpoint.
+ */
+ struct ffa_ioctl_msg_args {
+- __u32 args[5];
++ __u64 args[5];
+ __u16 dst_id;
+ };
+ #define FFA_IOC_MSG_SEND _IOWR(FFA_IOC_MAGIC, FFA_IOC_BASE + 1, \
+--
+2.39.1.windows.1
+
new file mode 100644
@@ -0,0 +1,163 @@
+From 6734d14cc249af37705129de7874533df9535cd3 Mon Sep 17 00:00:00 2001
+From: Gabor Toth <gabor.toth2@arm.com>
+Date: Fri, 3 Mar 2023 12:25:58 +0100
+Subject: [PATCH 2/2] ffa_spmc: Add arm_ffa_user driver compatibility check
+
+Check the version of the arm_ffa_user Kernel Driver and fail with a
+meaningful message if incompatible driver is detected.
+
+Upstream-Status: Backport
+
+Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
+Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
+---
+ host/xtest/ffa_spmc_1000.c | 68 ++++++++++++++++++++++++++++++++++----
+ 1 file changed, 61 insertions(+), 7 deletions(-)
+
+diff --git a/host/xtest/ffa_spmc_1000.c b/host/xtest/ffa_spmc_1000.c
+index 15f4a46..1839d03 100644
+--- a/host/xtest/ffa_spmc_1000.c
++++ b/host/xtest/ffa_spmc_1000.c
+@@ -1,11 +1,12 @@
+ // SPDX-License-Identifier: BSD-3-Clause
+ /*
+- * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
++ * Copyright (c) 2022-2023, Arm Limited and Contributors. All rights reserved.
+ */
+ #include <fcntl.h>
+ #include <ffa.h>
+ #include <stdio.h>
+ #include <string.h>
++#include <errno.h>
+ #include <sys/ioctl.h>
+ #include <unistd.h>
+ #include "include/uapi/linux/arm_ffa_user.h"
+@@ -17,6 +18,10 @@
+ #define INCORRECT_ENDPOINT_ID 0xffff
+ #define NORMAL_WORLD_ENDPOINT_ID 0
+
++#define FFA_USER_REQ_VER_MAJOR 5
++#define FFA_USER_REQ_VER_MINOR 0
++#define FFA_USER_REQ_VER_PATCH 1
++
+ /* Get the 32 least significant bits of a handle.*/
+ #define MEM_SHARE_HANDLE_LOW(x) ((x) & 0xffffffff)
+ /* Get the 32 most significant bits of a handle.*/
+@@ -62,6 +67,50 @@ static struct ffa_ioctl_ep_desc test_endpoint3 = {
+ .uuid_ptr = (uint64_t)test_endpoint3_uuid,
+ };
+
++static bool check_ffa_user_version(void)
++{
++ FILE *f = NULL;
++ int ver_major = -1;
++ int ver_minor = -1;
++ int ver_patch = -1;
++ int scan_cnt = 0;
++
++ f = fopen("/sys/module/arm_ffa_user/version", "r");
++ if (f) {
++ scan_cnt = fscanf(f, "%d.%d.%d",
++ &ver_major, &ver_minor, &ver_patch);
++ fclose(f);
++ if (scan_cnt != 3) {
++ printf("error: failed to parse arm_ffa_user version\n");
++ return false;
++ }
++ } else {
++ printf("error: failed to read arm_ffa_user module info - %s\n",
++ strerror(errno));
++ return false;
++ }
++
++ if (ver_major != FFA_USER_REQ_VER_MAJOR)
++ goto err;
++
++ if (ver_minor < FFA_USER_REQ_VER_MINOR)
++ goto err;
++
++ if (ver_minor == FFA_USER_REQ_VER_MINOR)
++ if (ver_patch < FFA_USER_REQ_VER_PATCH)
++ goto err;
++
++ return true;
++
++err:
++ printf("error: Incompatible arm_ffa_user driver detected.");
++ printf("Found v%d.%d.%d wanted >= v%d.%d.%d)\n",
++ ver_major, ver_minor, ver_patch, FFA_USER_REQ_VER_MAJOR,
++ FFA_USER_REQ_VER_MINOR, FFA_USER_REQ_VER_PATCH);
++
++ return false;
++}
++
+ static void close_debugfs(void)
+ {
+ int err = 0;
+@@ -76,6 +125,9 @@ static void close_debugfs(void)
+
+ static bool init_sp_xtest(ADBG_Case_t *c)
+ {
++ if (!check_ffa_user_version())
++ return false;
++
+ if (ffa_fd < 0) {
+ ffa_fd = open(FFA_DRIVER_FS_PATH, O_RDWR);
+ if (ffa_fd < 0) {
+@@ -83,6 +135,7 @@ static bool init_sp_xtest(ADBG_Case_t *c)
+ return false;
+ }
+ }
++
+ return true;
+ }
+
+@@ -99,7 +152,7 @@ static uint16_t get_endpoint_id(uint64_t endp)
+ struct ffa_ioctl_ep_desc sid = { .uuid_ptr = endp };
+
+ /* Get ID of destination SP based on UUID */
+- if(ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid))
++ if (ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid))
+ return INCORRECT_ENDPOINT_ID;
+
+ return sid.id;
+@@ -213,14 +266,15 @@ static int set_up_mem(struct ffa_ioctl_ep_desc *endp,
+ rc = share_mem(endpoint, handle);
+ ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
+
+- if (!ADBG_EXPECT_TRUE(c, handle != NULL))
+- return TEEC_ERROR_GENERIC;
++ if (!ADBG_EXPECT_NOT_NULL(c, handle))
++ return TEEC_ERROR_GENERIC;
+
+ /* SP will retrieve the memory region. */
+ memset(args, 0, sizeof(*args));
+ args->dst_id = endpoint;
+ args->args[MEM_SHARE_HANDLE_LOW_INDEX] = MEM_SHARE_HANDLE_LOW(*handle);
+- args->args[MEM_SHARE_HANDLE_HIGH_INDEX] = MEM_SHARE_HANDLE_HIGH(*handle);
++ args->args[MEM_SHARE_HANDLE_HIGH_INDEX] =
++ MEM_SHARE_HANDLE_HIGH(*handle);
+ args->args[MEM_SHARE_HANDLE_ENDPOINT_INDEX] = NORMAL_WORLD_ENDPOINT_ID;
+
+ rc = start_sp_test(endpoint, EP_RETRIEVE, args);
+@@ -254,7 +308,7 @@ static void xtest_ffa_spmc_test_1002(ADBG_Case_t *c)
+ rc = start_sp_test(endpoint1_id, EP_TEST_SP, &args);
+ ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
+ if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK))
+- goto out;
++ goto out;
+
+ /* Set up memory and have the SP retrieve it. */
+ Do_ADBG_BeginSubCase(c, "Test memory set-up");
+@@ -469,7 +523,7 @@ static void xtest_ffa_spmc_test_1005(ADBG_Case_t *c)
+ memset(&args, 0, sizeof(args));
+ args.args[1] = endpoint2;
+ args.args[2] = endpoint3;
+- rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI,&args);
++ rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI, &args);
+ ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
+ ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK);
+
+--
+2.39.1.windows.1
+
new file mode 100644
@@ -0,0 +1,24 @@
+Hack to work around musl compile error:
+ In file included from optee-test/3.17.0-r0/recipe-sysroot/usr/include/sys/stat.h:23,
+ from optee-test/3.17.0-r0/git/host/xtest/regression_1000.c:25:
+ optee-test/3.17.0-r0/recipe-sysroot/usr/include/bits/stat.h:17:26: error: expected identifier or '(' before '[' token
+ 17 | unsigned __unused[2];
+ | ^
+
+stat.h is not needed, since it is not being used in this file. So removing it.
+
+Upstream-Status: Pending [Not submitted to upstream yet]
+Signed-off-by: Jon Mason <jon.mason@arm.com>
+
+diff --git a/host/xtest/regression_1000.c b/host/xtest/regression_1000.c
+index 4264884..7f1baca 100644
+--- a/host/xtest/regression_1000.c
++++ b/host/xtest/regression_1000.c
+@@ -22,7 +22,6 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+-#include <sys/stat.h>
+ #include <sys/types.h>
+ #include <ta_arm_bti.h>
+ #include <ta_concurrent.h>
new file mode 100755
@@ -0,0 +1,52 @@
+#!/bin/sh
+xtest | awk '
+
+ # Escapes the special characters in a string so that, when
+ # included in a regex, it represents a literal match
+ function regx_escape_literal(str, ret) {
+ ret = str
+ gsub(/[\[\]\^\$\.\*\?\+\{\}\\\(\)\|]/ , "\\\\&", str)
+ return str
+ }
+
+ # Returns the simple test formatted name
+ function name(n, ret) {
+ ret = n
+ gsub(/\./, " ", ret)
+ return ret
+ }
+
+ # Returns the simple test formatted result
+ function result(res) {
+ if(res ~ /OK/) {
+ return "PASS"
+ } else if(res ~ /FAILED/) {
+ return "FAIL"
+ }
+ }
+
+ function parse(name, description, has_subtests, result_line) {
+ has_subtests = 0
+
+ # Consume every line up to the result line
+ result_line = " " regx_escape_literal(name) " (OK|FAILED)"
+ do {
+ getline
+
+ # If this is a subtest (denoted by an "o" bullet) then subparse
+ if($0 ~ /^o /) {
+ parse($2, description " : " substr($0, index($0, $3)))
+ has_subtests = 1
+ }
+ } while ($0 !~ result_line)
+
+ # Only print the results for the deepest nested subtests
+ if(!has_subtests) {
+ print result($2) ": " name(name) " - " description
+ }
+ }
+
+ # Start parsing at the beginning of every test (denoted by a "*" bullet)
+ /^\* / { parse($2, substr($0, index($0, $3))) }
+
+'
similarity index 86%
rename from meta-arm/recipes-security/optee/optee-test_3.18.0.bb
rename to meta-arm-bsp/recipes-security/optee/optee-test_3.18.0.bb
@@ -1,4 +1,4 @@
-require optee-test.inc
+require recipes-security/optee/optee-test.inc
SRC_URI += " \
file://musl-workaround.patch \
similarity index 89%
rename from meta-arm/recipes-security/optee/optee-test_3.20.0.bb
rename to meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb
@@ -1,4 +1,4 @@
-require optee-test.inc
+require recipes-security/optee/optee-test.inc
SRC_URI += " \
file://Update-arm_ffa_user-driver-dependency.patch \
@@ -21,6 +21,3 @@ WKS_FILE_DEPENDS = "trusted-firmware-a"
IMAGE_BOOT_FILES = "${KERNEL_IMAGETYPE}"
MACHINE_FEATURES += "optee-ftpm"
-
-PREFERRED_VERSION_optee-os ?= "3.18.%"
-
new file mode 100644
@@ -0,0 +1,7 @@
+require optee-client.inc
+
+SRCREV = "8533e0e6329840ee96cf81b6453f257204227e6c"
+
+inherit pkgconfig
+DEPENDS += "util-linux"
+EXTRA_OEMAKE += "PKG_CONFIG=pkg-config"
new file mode 100644
@@ -0,0 +1,3 @@
+require optee-examples.inc
+
+SRCREV = "378dc0db2d5dd279f58a3b6cb3f78ffd6b165035"
new file mode 100644
@@ -0,0 +1,35 @@
+From 528aeb42652a3159c1bfd51d6c1442c3ff27b84c Mon Sep 17 00:00:00 2001
+From: Ross Burton <ross.burton@arm.com>
+Date: Tue, 26 May 2020 14:38:02 -0500
+Subject: [PATCH] allow setting sysroot for libgcc lookup
+
+Explicitly pass the new variable LIBGCC_LOCATE_CFLAGS variable when searching
+for the compiler libraries as there's no easy way to reliably pass --sysroot
+otherwise.
+
+Upstream-Status: Pending [https://github.com/OP-TEE/optee_os/issues/4188]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+---
+ mk/gcc.mk | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/mk/gcc.mk b/mk/gcc.mk
+index adc77a24..81bfa78a 100644
+--- a/mk/gcc.mk
++++ b/mk/gcc.mk
+@@ -13,11 +13,11 @@ nostdinc$(sm) := -nostdinc -isystem $(shell $(CC$(sm)) \
+ -print-file-name=include 2> /dev/null)
+
+ # Get location of libgcc from gcc
+-libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \
++libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \
+ -print-libgcc-file-name 2> /dev/null)
+-libstdc++$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
++libstdc++$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
+ -print-file-name=libstdc++.a 2> /dev/null)
+-libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
++libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
+ -print-file-name=libgcc_eh.a 2> /dev/null)
+
+ # Define these to something to discover accidental use
new file mode 100644
@@ -0,0 +1,240 @@
+From 2449af30e09e172216ec9aa8b07502ae9ddc0a03 Mon Sep 17 00:00:00 2001
+From: Emekcan Aras <emekcan.aras@arm.com>
+Date: Wed, 21 Dec 2022 10:55:58 +0000
+Subject: [PATCH] core: Define section attributes for clang
+
+Clang's attribute section is not same as gcc, here we need to add flags
+to sections so they can be eventually collected by linker into final
+output segments. Only way to do so with clang is to use
+
+pragma clang section ...
+
+The behavious is described here [1], this allows us to define names bss
+sections. This was not an issue until clang-15 where LLD linker starts
+to detect the section flags before merging them and throws the following
+errors
+
+| ld.lld: error: section type mismatch for .nozi.kdata_page
+| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/kernel/thread.o:(.nozi.kdata_page): SHT_PROGBITS
+| >>> output section .nozi: SHT_NOBITS
+|
+| ld.lld: error: section type mismatch for .nozi.mmu.l2
+| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/mm/core_mmu_lpae.o:(.nozi.mmu.l2): SHT_PROGBITS
+| >>> output section .nozi: SHT_NOBITS
+
+These sections should be carrying SHT_NOBITS but so far it was not
+possible to do so, this patch tries to use clangs pragma to get this
+going and match the functionality with gcc.
+
+[1] https://intel.github.io/llvm-docs/clang/LanguageExtensions.html#specifying-section-names-for-global-objects-pragma-clang-section
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ core/arch/arm/kernel/thread.c | 19 +++++++++++++++--
+ core/arch/arm/mm/core_mmu_lpae.c | 35 +++++++++++++++++++++++++++----
+ core/arch/arm/mm/core_mmu_v7.c | 36 +++++++++++++++++++++++++++++---
+ core/arch/arm/mm/pgt_cache.c | 12 ++++++++++-
+ core/kernel/thread.c | 13 +++++++++++-
+ 5 files changed, 104 insertions(+), 11 deletions(-)
+
+diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c
+index 4487ef026..f36243896 100644
+--- a/core/arch/arm/kernel/thread.c
++++ b/core/arch/arm/kernel/thread.c
+@@ -44,15 +44,30 @@ static size_t thread_user_kcode_size __nex_bss;
+ #if defined(CFG_CORE_UNMAP_CORE_AT_EL0) && \
+ defined(CFG_CORE_WORKAROUND_SPECTRE_BP_SEC) && defined(ARM64)
+ long thread_user_kdata_sp_offset __nex_bss;
++#ifdef __clang__
++#ifndef CFG_VIRTUALIZATION
++#pragma clang section bss=".nozi.kdata_page"
++#else
++#pragma clang section bss=".nex_nozi.kdata_page"
++#endif
++#endif
+ static uint8_t thread_user_kdata_page[
+ ROUNDUP(sizeof(struct thread_core_local) * CFG_TEE_CORE_NB_CORE,
+ SMALL_PAGE_SIZE)]
+ __aligned(SMALL_PAGE_SIZE)
++#ifndef __clang__
+ #ifndef CFG_NS_VIRTUALIZATION
+- __section(".nozi.kdata_page");
++ __section(".nozi.kdata_page")
+ #else
+- __section(".nex_nozi.kdata_page");
++ __section(".nex_nozi.kdata_page")
+ #endif
++#endif
++ ;
++#endif
++
++/* reset BSS section to default ( .bss ) */
++#ifdef __clang__
++#pragma clang section bss=""
+ #endif
+
+ #ifdef ARM32
+diff --git a/core/arch/arm/mm/core_mmu_lpae.c b/core/arch/arm/mm/core_mmu_lpae.c
+index 7e79f780a..ec4db9dc9 100644
+--- a/core/arch/arm/mm/core_mmu_lpae.c
++++ b/core/arch/arm/mm/core_mmu_lpae.c
+@@ -233,19 +233,46 @@ typedef uint16_t l1_idx_t;
+ typedef uint64_t base_xlat_tbls_t[CFG_TEE_CORE_NB_CORE][NUM_BASE_LEVEL_ENTRIES];
+ typedef uint64_t xlat_tbl_t[XLAT_TABLE_ENTRIES];
+
++#ifdef __clang__
++#pragma clang section bss=".nozi.mmu.base_table"
++#endif
+ static base_xlat_tbls_t base_xlation_table[NUM_BASE_TABLES]
+ __aligned(NUM_BASE_LEVEL_ENTRIES * XLAT_ENTRY_SIZE)
+- __section(".nozi.mmu.base_table");
++#ifndef __clang__
++ __section(".nozi.mmu.base_table")
++#endif
++;
++#ifdef __clang__
++#pragma clang section bss=""
++#endif
+
++#ifdef __clang__
++#pragma clang section bss=".nozi.mmu.l2"
++#endif
+ static xlat_tbl_t xlat_tables[MAX_XLAT_TABLES]
+- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2");
++ __aligned(XLAT_TABLE_SIZE)
++#ifndef __clang__
++ __section(".nozi.mmu.l2")
++#endif
++;
++#ifdef __clang__
++#pragma clang section bss=""
++#endif
+
+ #define XLAT_TABLES_SIZE (sizeof(xlat_tbl_t) * MAX_XLAT_TABLES)
+
++#ifdef __clang__
++#pragma clang section bss=".nozi.mmu.l2"
++#endif
+ /* MMU L2 table for TAs, one for each thread */
+ static xlat_tbl_t xlat_tables_ul1[CFG_NUM_THREADS]
+- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2");
+-
++#ifndef __clang__
++ __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2")
++#endif
++;
++#ifdef __clang__
++#pragma clang section bss=""
++#endif
+ /*
+ * TAs page table entry inside a level 1 page table.
+ *
+diff --git a/core/arch/arm/mm/core_mmu_v7.c b/core/arch/arm/mm/core_mmu_v7.c
+index 61e703da8..1960c08ca 100644
+--- a/core/arch/arm/mm/core_mmu_v7.c
++++ b/core/arch/arm/mm/core_mmu_v7.c
+@@ -204,16 +204,46 @@ typedef uint32_t l1_xlat_tbl_t[NUM_L1_ENTRIES];
+ typedef uint32_t l2_xlat_tbl_t[NUM_L2_ENTRIES];
+ typedef uint32_t ul1_xlat_tbl_t[NUM_UL1_ENTRIES];
+
++#ifdef __clang__
++#pragma clang section bss=".nozi.mmu.l1"
++#endif
+ static l1_xlat_tbl_t main_mmu_l1_ttb
+- __aligned(L1_ALIGNMENT) __section(".nozi.mmu.l1");
++ __aligned(L1_ALIGNMENT)
++#ifndef __clang__
++ __section(".nozi.mmu.l1")
++#endif
++;
++#ifdef __clang__
++#pragma clang section bss=""
++#endif
+
+ /* L2 MMU tables */
++#ifdef __clang__
++#pragma clang section bss=".nozi.mmu.l2"
++#endif
+ static l2_xlat_tbl_t main_mmu_l2_ttb[MAX_XLAT_TABLES]
+- __aligned(L2_ALIGNMENT) __section(".nozi.mmu.l2");
++ __aligned(L2_ALIGNMENT)
++#ifndef __clang__
++ __section(".nozi.mmu.l2")
++#endif
++;
++#ifdef __clang__
++#pragma clang section bss=""
++#endif
+
+ /* MMU L1 table for TAs, one for each thread */
++#ifdef __clang__
++#pragma clang section bss=".nozi.mmu.ul1"
++#endif
+ static ul1_xlat_tbl_t main_mmu_ul1_ttb[CFG_NUM_THREADS]
+- __aligned(UL1_ALIGNMENT) __section(".nozi.mmu.ul1");
++ __aligned(UL1_ALIGNMENT)
++#ifndef __clang__
++ __section(".nozi.mmu.ul1")
++#endif
++;
++#ifdef __clang__
++#pragma clang section bss=""
++#endif
+
+ struct mmu_partition {
+ l1_xlat_tbl_t *l1_table;
+diff --git a/core/arch/arm/mm/pgt_cache.c b/core/arch/arm/mm/pgt_cache.c
+index 79553c6d2..b9efdf427 100644
+--- a/core/arch/arm/mm/pgt_cache.c
++++ b/core/arch/arm/mm/pgt_cache.c
+@@ -410,8 +410,18 @@ void pgt_init(void)
+ * has a large alignment, while .bss has a small alignment. The current
+ * link script is optimized for small alignment in .bss
+ */
++#ifdef __clang__
++#pragma clang section bss=".nozi.mmu.l2"
++#endif
+ static uint8_t pgt_tables[PGT_CACHE_SIZE][PGT_SIZE]
+- __aligned(PGT_SIZE) __section(".nozi.pgt_cache");
++ __aligned(PGT_SIZE)
++#ifndef __clang__
++ __section(".nozi.pgt_cache")
++#endif
++ ;
++#ifdef __clang__
++#pragma clang section bss=""
++#endif
+ size_t n;
+
+ for (n = 0; n < ARRAY_SIZE(pgt_tables); n++) {
+diff --git a/core/kernel/thread.c b/core/kernel/thread.c
+index 2a1f22dce..5516b6771 100644
+--- a/core/kernel/thread.c
++++ b/core/kernel/thread.c
+@@ -39,13 +39,24 @@ static uint32_t end_canary_value = 0xababab00;
+ name[stack_num][sizeof(name[stack_num]) / sizeof(uint32_t) - 1]
+ #endif
+
++#define DO_PRAGMA(x) _Pragma (#x)
++
++#ifdef __clang__
++#define DECLARE_STACK(name, num_stacks, stack_size, linkage) \
++DO_PRAGMA (clang section bss=".nozi_stack." #name) \
++linkage uint32_t name[num_stacks] \
++ [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \
++ STACK_ALIGNMENT) / sizeof(uint32_t)] \
++ __attribute__((aligned(STACK_ALIGNMENT))); \
++DO_PRAGMA(clang section bss="")
++#else
+ #define DECLARE_STACK(name, num_stacks, stack_size, linkage) \
+ linkage uint32_t name[num_stacks] \
+ [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \
+ STACK_ALIGNMENT) / sizeof(uint32_t)] \
+ __attribute__((section(".nozi_stack." # name), \
+ aligned(STACK_ALIGNMENT)))
+-
++#endif
+ #define GET_STACK(stack) ((vaddr_t)(stack) + STACK_SIZE(stack))
+
+ DECLARE_STACK(stack_tmp, CFG_TEE_CORE_NB_CORE, STACK_TMP_SIZE,
new file mode 100644
@@ -0,0 +1,30 @@
+From 8846ab2b37781364088cc5c02b6bc6f518a66a0a Mon Sep 17 00:00:00 2001
+From: Brett Warren <brett.warren@arm.com>
+Date: Wed, 23 Sep 2020 09:27:34 +0100
+Subject: [PATCH] optee: enable clang support
+
+When compiling with clang, the LIBGCC_LOCATE_CFLAG variable used
+to provide a sysroot wasn't included, which results in not locating
+compiler-rt. This is mitigated by including the variable as ammended.
+
+Upstream-Status: Pending
+ChangeId: 8ba69a4b2eb8ebaa047cb266c9aa6c2c3da45701
+Signed-off-by: Brett Warren <brett.warren@arm.com>
+
+---
+ mk/clang.mk | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/mk/clang.mk b/mk/clang.mk
+index a045beee..1ebe2f70 100644
+--- a/mk/clang.mk
++++ b/mk/clang.mk
+@@ -30,7 +30,7 @@ comp-cflags-warns-clang := -Wno-language-extension-token \
+
+ # Note, use the compiler runtime library (libclang_rt.builtins.*.a) instead of
+ # libgcc for clang
+-libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \
++libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \
+ -rtlib=compiler-rt -print-libgcc-file-name 2> /dev/null)
+
+ # Core ASLR relies on the executable being ready to run from its preferred load
new file mode 100644
@@ -0,0 +1,63 @@
+From 188a39b139e0e2ccceb22bcf63559b451f0483e0 Mon Sep 17 00:00:00 2001
+From: Jerome Forissier <jerome.forissier@linaro.org>
+Date: Fri, 5 Aug 2022 09:48:03 +0200
+Subject: [PATCH] core: link: add --no-warn-rwx-segments
+
+Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
+Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5474]
+
+binutils ld.bfd generates one RWX LOAD segment by merging several sections
+with mixed R/W/X attributes (.text, .rodata, .data). After version 2.38 it
+also warns by default when that happens [1], which breaks the build due to
+--fatal-warnings. The RWX segment is not a problem for the TEE core, since
+that information is not used to set memory permissions. Therefore, silence
+the warning.
+
+Link: [1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107
+Link: https://sourceware.org/bugzilla/show_bug.cgi?id=29448
+Reported-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
+Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
+Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
+
+---
+ core/arch/arm/kernel/link.mk | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk
+index 0e96e606..3fbcb680 100644
+--- a/core/arch/arm/kernel/link.mk
++++ b/core/arch/arm/kernel/link.mk
+@@ -37,6 +37,7 @@ link-ldflags += --sort-section=alignment
+ link-ldflags += --fatal-warnings
+ link-ldflags += --gc-sections
+ link-ldflags += $(link-ldflags-common)
++link-ldflags += $(call ld-option,--no-warn-rwx-segments)
+
+ link-ldadd = $(LDADD)
+ link-ldadd += $(ldflags-external)
+@@ -61,6 +62,7 @@ link-script-cppflags := \
+ $(cppflagscore))
+
+ ldargs-all_objs := -T $(link-script-dummy) --no-check-sections \
++ $(call ld-option,--no-warn-rwx-segments) \
+ $(link-ldflags-common) \
+ $(link-objs) $(link-ldadd) $(libgcccore)
+ cleanfiles += $(link-out-dir)/all_objs.o
+@@ -75,7 +77,7 @@ $(link-out-dir)/unpaged_entries.txt: $(link-out-dir)/all_objs.o
+ $(AWK) '/ ____keep_pager/ { printf "-u%s ", $$3 }' > $@
+
+ unpaged-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \
+- $(link-ldflags-common)
++ $(link-ldflags-common) $(call ld-option,--no-warn-rwx-segments)
+ unpaged-ldadd := $(objs) $(link-ldadd) $(libgcccore)
+ cleanfiles += $(link-out-dir)/unpaged.o
+ $(link-out-dir)/unpaged.o: $(link-out-dir)/unpaged_entries.txt
+@@ -104,7 +106,7 @@ $(link-out-dir)/init_entries.txt: $(link-out-dir)/all_objs.o
+ $(AWK) '/ ____keep_init/ { printf "-u%s ", $$3 }' > $@
+
+ init-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \
+- $(link-ldflags-common)
++ $(link-ldflags-common) $(call ld-option,--no-warn-rwx-segments)
+ init-ldadd := $(link-objs-init) $(link-out-dir)/version.o $(link-ldadd) \
+ $(libgcccore)
+ cleanfiles += $(link-out-dir)/init.o
new file mode 100644
@@ -0,0 +1,24 @@
+require optee-os_3.22.0.bb
+
+SUMMARY = "OP-TEE Trusted OS TA devkit"
+DESCRIPTION = "OP-TEE TA devkit for build TAs"
+HOMEPAGE = "https://www.op-tee.org/"
+
+DEPENDS += "python3-pycryptodome-native"
+
+do_install() {
+ #install TA devkit
+ install -d ${D}${includedir}/optee/export-user_ta/
+ for f in ${B}/export-ta_${OPTEE_ARCH}/* ; do
+ cp -aR $f ${D}${includedir}/optee/export-user_ta/
+ done
+}
+
+do_deploy() {
+ echo "Do not inherit do_deploy from optee-os."
+}
+
+FILES:${PN} = "${includedir}/optee/"
+
+# Build paths are currently embedded
+INSANE_SKIP:${PN}-dev += "buildpaths"
deleted file mode 100644
@@ -1,5 +0,0 @@
-# Include Trusted Services Secure Partitions
-require optee-os-ts-3.18.inc
-
-# Conditionally include platform specific Trusted Services related OPTEE build parameters
-EXTRA_OEMAKE:append:qemuarm64-secureboot = "${@oe.utils.conditional('SP_PATHS', '', '', ' CFG_CORE_HEAP_SIZE=131072 CFG_TEE_BENCHMARK=n CFG_TEE_CORE_LOG_LEVEL=4 CFG_CORE_SEL1_SPMC=y ', d)}"
new file mode 100644
@@ -0,0 +1,10 @@
+require optee-os.inc
+
+DEPENDS += "dtc-native"
+
+FILESEXTRAPATHS:prepend := "${THISDIR}/optee-os-3.22.0:"
+
+SRCREV = "001ace6655dd6bb9cbe31aa31b4ba69746e1a1d9"
+SRC_URI += " \
+ file://0001-core-Define-section-attributes-for-clang.patch \
+ "
new file mode 100644
@@ -0,0 +1,10 @@
+require optee-test.inc
+
+SRC_URI += " \
+ file://musl-workaround.patch \
+ "
+SRCREV = "a286b57f1721af215ace318d5807e63f40186df6"
+
+EXTRA_OEMAKE:append = " OPTEE_OPENSSL_EXPORT=${STAGING_INCDIR}"
+DEPENDS:append = " openssl"
+CFLAGS:append = " -Wno-error=deprecated-declarations"
Update to the latest version of OP-TEE, and move the legacy versions that are still in use by meta-arm-bsp to that directory Signed-off-by: Jon Mason <jon.mason@arm.com> --- .../optee/optee-client/tee-supplicant.service | 10 + .../optee/optee-client/tee-supplicant.sh | 46 ++++ .../optee/optee-client_3.18.0.bb | 2 +- .../optee/optee-client_3.20.0.bb | 2 +- .../optee/optee-examples_3.18.0.bb | 2 +- .../optee/optee-examples_3.20.0.bb | 2 +- ...ow-setting-sysroot-for-libgcc-lookup.patch | 0 .../0002-optee-enable-clang-support.patch | 0 ...3-core-link-add-no-warn-rwx-segments.patch | 0 ...-Define-section-attributes-for-clang.patch | 0 ...0005-core-ldelf-link-add-z-execstack.patch | 0 ...ibutee-ta-add-.note.GNU-stack-sectio.patch | 0 ...ow-setting-sysroot-for-libgcc-lookup.patch | 0 .../0002-optee-enable-clang-support.patch | 0 ...3-core-link-add-no-warn-rwx-segments.patch | 0 ...-Define-section-attributes-for-clang.patch | 0 ...-core-arm-S-EL1-SPMC-boot-ABI-update.patch | 0 ...-core-ffa-add-TOS_FW_CONFIG-handling.patch | 0 ...re-spmc-handle-non-secure-interrupts.patch | 0 ...ure-SP-s-NS-interrupt-action-based-o.patch | 0 .../optee/optee-os-tadevkit_3.18.0.bb | 0 .../optee/optee-os-tadevkit_3.20.0.bb | 0 .../optee/optee-os-ts-3.18.inc | 0 .../recipes-security/optee/optee-os_3.18.0.bb | 2 +- .../recipes-security/optee/optee-os_3.20.0.bb | 2 +- ...pdate-arm_ffa_user-driver-dependency.patch | 39 +++ ..._ffa_user-driver-compatibility-check.patch | 163 ++++++++++++ .../optee/optee-test/musl-workaround.patch | 24 ++ .../optee/optee-test/run-ptest | 52 ++++ .../optee/optee-test_3.18.0.bb | 2 +- .../optee/optee-test_3.20.0.bb | 2 +- meta-arm/conf/machine/qemuarm-secureboot.conf | 3 - .../optee/optee-client_3.22.0.bb | 7 + .../optee/optee-examples_3.22.0.bb | 3 + ...ow-setting-sysroot-for-libgcc-lookup.patch | 35 +++ ...-Define-section-attributes-for-clang.patch | 240 ++++++++++++++++++ .../0002-optee-enable-clang-support.patch | 30 +++ ...3-core-link-add-no-warn-rwx-segments.patch | 63 +++++ .../optee/optee-os-tadevkit_3.22.0.bb | 24 ++ .../optee/optee-os_3.1%.bbappend | 5 - .../recipes-security/optee/optee-os_3.22.0.bb | 10 + .../optee/optee-test_3.22.0.bb | 10 + 42 files changed, 764 insertions(+), 16 deletions(-) create mode 100644 meta-arm-bsp/recipes-security/optee/optee-client/tee-supplicant.service create mode 100644 meta-arm-bsp/recipes-security/optee/optee-client/tee-supplicant.sh rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-client_3.18.0.bb (52%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-client_3.20.0.bb (73%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-examples_3.18.0.bb (51%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-examples_3.20.0.bb (51%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.18.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.18.0/0002-optee-enable-clang-support.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.18.0/0003-core-link-add-no-warn-rwx-segments.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.18.0/0004-core-Define-section-attributes-for-clang.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.18.0/0005-core-ldelf-link-add-z-execstack.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.18.0/0006-arm32-libutils-libutee-ta-add-.note.GNU-stack-sectio.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.20.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.20.0/0002-optee-enable-clang-support.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.20.0/0003-core-link-add-no-warn-rwx-segments.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.20.0/0004-core-Define-section-attributes-for-clang.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.20.0/0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.20.0/0006-core-ffa-add-TOS_FW_CONFIG-handling.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.20.0/0007-core-spmc-handle-non-secure-interrupts.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-3.20.0/0008-core-spmc-configure-SP-s-NS-interrupt-action-based-o.patch (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-tadevkit_3.18.0.bb (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-tadevkit_3.20.0.bb (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os-ts-3.18.inc (100%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os_3.18.0.bb (88%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-os_3.20.0.bb (91%) create mode 100644 meta-arm-bsp/recipes-security/optee/optee-test/Update-arm_ffa_user-driver-dependency.patch create mode 100644 meta-arm-bsp/recipes-security/optee/optee-test/ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch create mode 100644 meta-arm-bsp/recipes-security/optee/optee-test/musl-workaround.patch create mode 100755 meta-arm-bsp/recipes-security/optee/optee-test/run-ptest rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-test_3.18.0.bb (86%) rename {meta-arm => meta-arm-bsp}/recipes-security/optee/optee-test_3.20.0.bb (89%) create mode 100644 meta-arm/recipes-security/optee/optee-client_3.22.0.bb create mode 100644 meta-arm/recipes-security/optee/optee-examples_3.22.0.bb create mode 100644 meta-arm/recipes-security/optee/optee-os-3.22.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch create mode 100644 meta-arm/recipes-security/optee/optee-os-3.22.0/0001-core-Define-section-attributes-for-clang.patch create mode 100644 meta-arm/recipes-security/optee/optee-os-3.22.0/0002-optee-enable-clang-support.patch create mode 100644 meta-arm/recipes-security/optee/optee-os-3.22.0/0003-core-link-add-no-warn-rwx-segments.patch create mode 100644 meta-arm/recipes-security/optee/optee-os-tadevkit_3.22.0.bb delete mode 100644 meta-arm/recipes-security/optee/optee-os_3.1%.bbappend create mode 100644 meta-arm/recipes-security/optee/optee-os_3.22.0.bb create mode 100644 meta-arm/recipes-security/optee/optee-test_3.22.0.bb