Running Trusted Services on FVP Base platform
Trusted Services is integrated into the OP-TEE reference build system, so the OP-TEE testing environment can be reused for TS after a few minor modifications.
The base of the file below is the Ubuntu 22.04 Dockerfile copied from OP-TEE prerequisites (Revision eda1e0fd. Last updated on 2023-10-18 12:28). Differences compared to the original OP-TEE Dockerfile:
- Use the fvp-ts manifest file instead of qemu
- Install cmake and python2 packages
- Install Trusted Services Python prerequisites using pip
- Download and extract the FVP Base RevC 2xAEMvA model
FROM ubuntu:22.04
ARG DEBIAN_FRONTEND=noninteractive
RUN apt update && apt upgrade -y
RUN apt install -y \
adb \
acpica-tools \
autoconf \
automake \
bc \
bison \
build-essential \
ccache \
cmake \
cpio \
cscope \
curl \
device-tree-compiler \
e2tools \
expect \
fastboot \
flex \
ftp-upload \
gdisk \
git \
libattr1-dev \
libcap-ng-dev \
libfdt-dev \
libftdi-dev \
libglib2.0-dev \
libgmp3-dev \
libhidapi-dev \
libmpc-dev \
libncurses5-dev \
libpixman-1-dev \
libslirp-dev \
libssl-dev \
libtool \
libusb-1.0-0-dev \
make \
mtools \
netcat \
ninja-build \
python3-cryptography \
python3-pip \
python3-pyelftools \
python3-serial \
python-is-python3 \
python2 \
rsync \
swig \
unzip \
uuid-dev \
wget \
xdg-utils \
xterm \
xz-utils \
zlib1g-dev
RUN curl https://storage.googleapis.com/git-repo-downloads/repo > /bin/repo && chmod a+x /bin/repo
RUN mkdir /optee
WORKDIR /optee
RUN repo init -u https://github.com/OP-TEE/manifest.git -m fvp-ts.xml && repo sync -j10
RUN curl -OL https://developer.arm.com/-/media/Files/downloads/ecosystem-models/FVP_Base_RevC-2xAEMvA_11.23_9_Linux64.tgz && tar xf FVP_Base_RevC-2xAEMvA_11.23_9_Linux64.tgz
WORKDIR /optee/trusted-services
RUN pip3 install -r requirements.txt
WORKDIR /optee/build
RUN make -j2 toolchainsBuild a Docker image based on the file above, then create a container using this image. Don't forget to mount your .gitconfig into the container, or inside the container set at least the user.name and user.email in the git config, otherwise downloading and patching TS dependencies will fail.
Build and run the project inside the container (make all, make run-only). The FVP terminals can be reached through telnet, the default ports for the NWd and SWd console are 5000 and 5001.
After the boot is done login to Linux and copy the TS test apps and libraries:
cp -a /mnt/host/out/ts-install/arm-linux/bin /usr/ cp -a /mnt/host/out/ts-install/arm-linux/lib /usr/
The following test apps are available currently: ts-service-test, psa-its-api-test, psa-ps-api-test, psa-crypto-api-test, psa-iat-api-test.
- Last Author
- balintdobszay
- Last Edited
- Oct 19 2023, 2:53 PM