ARMv8-A QEMU运行OP-TEE/ATF环境搭建
关键词:OP-TEE、ATF、xtest、Linux等等。
下面记录通过ARMv8-A QEMU运行OP-TEE、ARM Trusted Firmware、Linux环境搭建过程。
1. 编译环境准备
sudo apt-get install android-tools-adb android-tools-fastboot autoconf automake bc bison build-essential ccache cscope curl device-tree-compiler expect flex ftp-upload gdisk iasl libattr1-dev libcap-dev libfdt-dev libftdi-dev libglib2.0-dev libgmp-dev libhidapi-dev libmpc-dev libncurses5-dev libpixman-1-dev libssl-dev libtool make mtools netcat ninja-build python3-crypto python3-pycryptodome python3-pyelftools python3-serial rsync unzip uuid-dev xdg-utils xterm xz-utils zlib1g-dev
安装pycryptodome:
pip install pycryptodome
2. 代码下载
由于访问github.com速度非常慢,并且连接不稳定。
所已经github.com相关仓库,镜像到gitee.com;并且手动下载toolchains;手动下载linaro-swg/linux.git。
2.1 镜像github.com相库到gitee.com
repo init -u https://gitee.com/arnoldlu/manifest.git -m qemu_v8.xml --repo-url=git://codeaurora.org/tools/repo.git -b 3.18.0
repo初始化后,得到的原生qemu_v8.xml为:
<?xml version="1.0" encoding="UTF-8"?> <manifest> <remote name="github" fetch="https://github.com" /> <remote name="tfo" fetch="https://git.trustedfirmware.org" /> <remote name="u-boot" fetch="https://source.denx.de/u-boot" /> <default remote="github" revision="master" /> <!-- OP-TEE gits --> <project path="optee_client" name="OP-TEE/optee_client.git" revision="refs/tags/3.18.0" clone-depth="1" /> <project path="optee_os" name="OP-TEE/optee_os.git" revision="refs/tags/3.18.0" clone-depth="1" /> <project path="optee_test" name="OP-TEE/optee_test.git" revision="refs/tags/3.18.0" clone-depth="1" /> <project path="build" name="OP-TEE/build.git" revision="refs/tags/3.18.0" clone-depth="1"> <linkfile src="qemu_v8.mk" dest="build/Makefile" /> </project> <!-- linaro-swg gits --> <project path="linux" name="linaro-swg/linux.git" revision="refs/tags/optee-3.18.0" clone-depth="1" /> <project path="optee_benchmark" name="linaro-swg/optee_benchmark.git" revision="refs/tags/3.18.0" clone-depth="1"/> <project path="optee_examples" name="linaro-swg/optee_examples.git" revision="refs/tags/3.18.0" clone-depth="1" /> <!-- Misc gits --> <project path="buildroot" name="buildroot/buildroot.git" revision="refs/tags/2021.11" clone-depth="1" /> <project path="edk2" name="tianocore/edk2.git" revision="refs/tags/edk2-stable202202" sync-s="true" /> <project path="mbedtls" name="Mbed-TLS/mbedtls.git" revision="refs/tags/mbedtls-2.26.0" clone-depth="1" /> <project path="optee_rust" name="apache/incubator-teaclave-trustzone-sdk.git" revision="3272b38b013395e3376a38af6315633239d26c1c" /> <project path="qemu" name="qemu/qemu.git" revision="refs/tags/v7.0.0" clone-depth="1" /> <project path="trusted-firmware-a" name="TF-A/trusted-firmware-a.git" revision="refs/tags/v2.6" clone-depth="1" remote="tfo" /> <project path="u-boot" name="u-boot.git" revision="refs/tags/v2021.04" remote="u-boot" clone-depth="1" /> </manifest>
修改manifest.xml:
sed -i "s/\.git//g" .repo/manifest.xml
然后将仓库指向gitee.com,最终manifest.xml修改成如下:
<?xml version="1.0" encoding="UTF-8"?> <manifest> <remote name="github" fetch="https://gitee.com" /> <default remote="github" revision="master" /> <!-- OP-TEE gits --> <project path="optee_client" name="arnoldlu/optee_client.git" revision="refs/tags/3.18.0" clone-depth="1" /> <project path="optee_os" name="arnoldlu/optee_os.git" revision="refs/tags/3.18.0" clone-depth="1" /> <project path="optee_test" name="arnoldlu/optee_test.git" revision="refs/tags/3.18.0" clone-depth="1" /> <project path="build" name="arnoldlu/build.git" revision="refs/tags/3.18.0" clone-depth="1"> <linkfile src="qemu_v8.mk" dest="build/Makefile" /> </project> <!-- linaro-swg gits --> <!-- project path="optee_benchmark" name="arnoldlu/optee_benchmark.git" revision="refs/tags/3.18.0" clone-depth="1"/ --> <project path="optee_examples" name="arnoldlu/optee_examples.git" revision="refs/tags/3.18.0" clone-depth="1" /> <!-- Misc gits --> <project path="buildroot" name="arnoldlu/buildroot.git" revision="refs/tags/2021.11" clone-depth="1" /> <!-- project path="edk2" name="arnoldlu/edk2.git" revision="refs/tags/edk2-stable202202" sync-s="true" / --> <project path="mbedtls" name="arnoldlu/mbedtls.git" revision="refs/tags/mbedtls-2.26.0" clone-depth="1" /> <!-- project path="optee_rust" name="arnoldlu/incubator-teaclave-trustzone-sdk.git" revision="3272b38b013395e3376a38af6315633239d26c1c" / --> <project path="qemu" name="arnoldlu/qemu.git" revision="refs/tags/v7.0.0" clone-depth="1" /> <project path="trusted-firmware-a" name="arnoldlu/trusted-firmware-a.git" revision="refs/tags/v2.6" clone-depth="1" remote="tfo" /> <project path="u-boot" name="arnoldlu/u-boot.git" revision="refs/tags/v2021.04" remote="u-boot" clone-depth="1" /> </manifest>
开始更新repo仓库代码:
repo sync -j4
2.2 下载linaro-swg/linux.git
由于Linux仓库过大,无法导入到gitee.com。
手动到Linaro SWG下载ZIP压缩包。
https://github.com/linaro-swg/linux.git
选择optee-3.18.0标签,点击Download ZIP下载压缩包。
在工作目录中解压linux-optee-3.18.0.zip,并将目录命名为linux。
2.3 创建Makefile软链接
ln -s build/qemu_v8.mk build/Makefile
2.4 下载toolchains
执行make toolchains,下载工具链并且解压:
. ├── aarch32 ├── aarch64 ├── gcc-arm-10.2-2020.11-x86_64-aarch64-none-linux-gnu.tar.xz └── gcc-arm-10.2-2020.11-x86_64-arm-none-linux-gnueabihf.tar.xz
如果自己下载可以注释掉toolchain.mk中的curl下载命令。
3. 编译运行
修改qemu_v8.mk,使用uboot提到edk2。并且调整CPU型号、SMP核数、内存:
diff --git a/qemu_v8.mk b/qemu_v8.mk index c41219d..62ceb07 100644 --- a/qemu_v8.mk +++ b/qemu_v8.mk @@ -35,7 +35,7 @@ include common.mk DEBUG ?= 1 # Option to use U-Boot in the boot flow instead of EDK2 -UBOOT ?= n +UBOOT ?= y # Option to build with GICV3 enabled GICV3 ?= y @@ -406,9 +406,9 @@ QEMU_VIRT = true QEMU_XEN ?= -drive if=none,file=$(XEN_EXT4),format=raw,id=hd1 \ -device virtio-blk-device,drive=hd1 else -QEMU_CPU ?= max,sve=off -QEMU_SMP ?= 2 -QEMU_MEM ?= 1057 +QEMU_CPU ?= cortex-a53 +QEMU_SMP ?= 1 +QEMU_MEM ?= 2048 QEMU_VIRT = false endif
在build目录下编译:
make -j8
或者
make -f qemu_v8.mk -j8
在build目录下运行:
make run-only
make -f qemu_v8.mk run-only
在shell中输入“c”,可以看到弹出两个shell,分别是非安全的Linux和安全的OP-TEE。
在Linux终端中输入root登录,然后执行xtest进行OP-TEE测试。
4. 其他问题
在某些版本上生成optee镜像脚本write_header_v1/write_header_v2的init_size参数为float,需要转化成int:
project optee_os/ diff --git a/scripts/gen_hashed_bin.py b/scripts/gen_hashed_bin.py index 32350a4..3788983 100755 --- a/scripts/gen_hashed_bin.py +++ b/scripts/gen_hashed_bin.py @@ -18,7 +18,7 @@ def write_header_v1(outf, init_size, args, paged_size): magic = 0x4554504f # 'OPTE' version = 1; outf.write(struct.pack('<IBBHIIIII', \ - magic, version, arch_id[args.arch], args.flags, init_size, \ + magic, version, arch_id[args.arch], args.flags, int(init_size), \ args.init_load_addr_hi, args.init_load_addr_lo, \ args.init_mem_usage, paged_size)) @@ -30,7 +30,7 @@ def write_header_v2(outf, init_size, args, paged_size): magic, version, arch_id[args.arch], args.flags, nb_images)) outf.write(struct.pack('<IIII', \ args.init_load_addr_hi, args.init_load_addr_lo, \ - image_id['pager'], init_size)) + image_id['pager'], int(init_size))) if nb_images == 2: outf.write(struct.pack('<IIII', \ 0xffffffff, 0xffffffff, image_id['paged'], paged_size))
联系方式:arnoldlu@qq.com
