package/optee-examples: new package

This package generates embedded Linux based OS userland client
applications and OP-TEE OS trusted applications all embedded in the
file system. These applications shows how to use the APIs OP-TEE OS is
based on, both in the non secure and secure worlds.

Package is added next to the OP-TEE client package in the BR package
configuration.

This change references in Buildroot the today's latest OP-TEE revision
release tagged 3.4.0 with an added patch to fix an issue reported by
recent GCC toolchains.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[Thomas:
 - drop version selection
 - propagate !BR2_STATIC_LIBS dependency of optee-client
 - make sure BR2_TARGET_OPTEE_OS_SDK is selected
 - use a patch generated by git format-patch
 - simplify the construct to build the examples]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS

@@ -690,6 +690,7 @@ F:	package/szip/
 N:	Etienne Carriere <etienne.carriere@linaro.org>
 F:	boot/optee-os/
 F:	package/optee-client/
+F:	package/optee-examples/
 
 N:	Eugene Tarassov <eugene@largest.net>
 F:	package/tcf-agent/

package/Config.in

@@ -2080,6 +2080,7 @@ endmenu
 menu "Security"
 	source "package/checkpolicy/Config.in"
 	source "package/optee-client/Config.in"
+	source "package/optee-examples/Config.in"
 	source "package/paxtest/Config.in"
 	source "package/policycoreutils/Config.in"
 	source "package/refpolicy/Config.in"

package/optee-examples/0001-fix-deprecated-size_t-type-for-size.patch

@@ -0,0 +1,42 @@
+From 1a2713ac698410fb1a889941d52df12a7bd75f3b Mon Sep 17 00:00:00 2001
+From: Etienne Carriere <etienne.carriere@linaro.org>
+Date: Sun, 17 Feb 2019 22:17:21 +0100
+Subject: [PATCH] secure_storage: fix deprecated size_t type for size
+
+size_t types is an deprecated type used in GPD API v1.0.
+Update
+
+Error reported by GCC 7.3-2018.05:
+  secure_storage_ta.c:203:6: warning: passing argument 4 of 'TEE_ReadObjectData' from incompatible pointer type [-Wincompatible-pointer-types]
+      &read_bytes);
+
+Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
+---
+ secure_storage/ta/secure_storage_ta.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/secure_storage/ta/secure_storage_ta.c b/secure_storage/ta/secure_storage_ta.c
+index d120e47..3ccc12d 100644
+--- a/secure_storage/ta/secure_storage_ta.c
++++ b/secure_storage/ta/secure_storage_ta.c
+@@ -146,7 +146,7 @@ static TEE_Result read_raw_object(uint32_t param_types, TEE_Param params[4])
+ 	TEE_ObjectHandle object;
+ 	TEE_ObjectInfo object_info;
+ 	TEE_Result res;
+-	size_t read_bytes;
++	uint32_t read_bytes;
+ 	char *obj_id;
+ 	size_t obj_id_sz;
+ 	char *data;
+@@ -202,7 +202,7 @@ static TEE_Result read_raw_object(uint32_t param_types, TEE_Param params[4])
+ 	res = TEE_ReadObjectData(object, data, object_info.dataSize,
+ 				 &read_bytes);
+ 	if (res != TEE_SUCCESS || read_bytes != object_info.dataSize) {
+-		EMSG("TEE_ReadObjectData failed 0x%08x, read %u over %u",
++		EMSG("TEE_ReadObjectData failed 0x%08x, read %" PRIu32 " over %u",
+ 				res, read_bytes, object_info.dataSize);
+ 		goto exit;
+ 	}
+-- 
+2.20.1
+

package/optee-examples/Config.in

@@ -0,0 +1,23 @@
+config BR2_PACKAGE_OPTEE_EXAMPLES
+	bool "optee-examples"
+	depends on BR2_TARGET_OPTEE_OS
+	depends on !BR2_STATIC_LIBS # optee-client
+	select BR2_PACKAGE_OPTEE_CLIENT
+	select BR2_TARGET_OPTEE_OS_SDK
+	help
+	  Enable the OP-TEE examples package that brings examples of
+	  implementation of OP-TEE non-secure client applications and
+	  secure trusted applications. OP-TEE examples is a
+	  component delivered by the OP-TEE project.
+
+	  Trusted application binary files are installed in the target
+	  directory /lib/optee_armtz as other trusted applications.
+	  At runtime OP-TEE OS can load trusted applications from this
+	  non-secure filesystem/directory into the secure world for
+	  execution.
+
+	  https://github.com/linaro-swg/optee_examples
+
+comment "optee-examples needs a toolchain w/ dynamic library"
+	depends on BR2_TARGET_OPTEE_OS
+	depends on BR2_STATIC_LIBS

package/optee-examples/optee-examples.hash

@@ -0,0 +1,4 @@
+# From https://github.com/linaro-swg/optee_examples/archive/3.4.0.tar.gz
+sha256 d833753980ac438c1675787857bb8352997352212334274de9419770097ce039  optee-examples-3.4.0.tar.gz
+# Locally computed
+sha256 6f1ef8449cb82ae79d2155605f7985bdf0f08e7ab5007de9b4362e8bf28733b9  LICENSE

package/optee-examples/optee-examples.mk

@@ -0,0 +1,37 @@
+################################################################################
+#
+# optee-examples
+#
+################################################################################
+
+OPTEE_EXAMPLES_VERSION = 3.4.0
+OPTEE_EXAMPLES_SITE = $(call github,linaro-swg,optee_examples,$(OPTEE_EXAMPLES_VERSION))
+OPTEE_EXAMPLES_LICENSE = BSD-2-Clause
+OPTEE_EXAMPLES_LICENSE_FILES = LICENSE
+
+OPTEE_EXAMPLES_DEPENDENCIES = optee-client optee-os
+
+ifeq ($(BR2_aarch64),y)
+OPTEE_EXAMPLES_SDK = $(STAGING_DIR)/lib/optee/export-ta_arm64
+else ifeq ($(BR2_arm),y)
+OPTEE_EXAMPLES_SDK = $(STAGING_DIR)/lib/optee/export-ta_arm32
+endif
+
+# Trusted Application are not built from CMake due to ta_dev_kit dependencies.
+# We must build and install them on target.
+define OPTEE_EXAMPLES_BUILD_TAS
+	$(foreach f,$(wildcard $(@D)/*/ta/Makefile), \
+		$(TARGET_CONFIGURE_OPTS) \
+		$(MAKE) CROSS_COMPILE=$(TARGET_CROSS) \
+			TA_DEV_KIT_DIR=$(OPTEE_EXAMPLES_SDK) \
+			O=out -C $(dir $f) all
+	)
+endef
+define OPTEE_EXAMPLES_INSTALL_TAS
+	@mkdir -p $(TARGET_DIR)/lib/optee_armtz
+	@$(INSTALL) -D -m 444 -t $(TARGET_DIR)/lib/optee_armtz $(@D)/*/ta/out/*.ta
+endef
+OPTEE_EXAMPLES_POST_BUILD_HOOKS += OPTEE_EXAMPLES_BUILD_TAS
+OPTEE_EXAMPLES_POST_INSTALL_TARGET_HOOKS += OPTEE_EXAMPLES_INSTALL_TAS
+
+$(eval $(cmake-package))