Page MenuHomePhabricator

Running Trusted Services on FVP Base platform
Updated 429 Days AgoPublic

Trusted Services is integrated into the OP-TEE reference build system, so the OP-TEE testing environment can be reused for TS after a few minor modifications.

The base of the file below is the Ubuntu 22.04 Dockerfile copied from OP-TEE prerequisites (Revision eda1e0fd. Last updated on 2023-10-18 12:28). Differences compared to the original OP-TEE Dockerfile:

  • Use the fvp-ts manifest file instead of qemu
  • Install cmake and python2 packages
  • Install Trusted Services Python prerequisites using pip
  • Download and extract the FVP Base RevC 2xAEMvA model
FROM ubuntu:22.04
ARG DEBIAN_FRONTEND=noninteractive
RUN apt update && apt upgrade -y
RUN apt install -y \
    adb \
    acpica-tools \
    autoconf \
    automake \
    bc \
    bison \
    build-essential \
    ccache \
    cmake \
    cpio \
    cscope \
    curl \
    device-tree-compiler \
    e2tools \
    expect \
    fastboot \
    flex \
    ftp-upload \
    gdisk \
    git \
    libattr1-dev \
    libcap-ng-dev \
    libfdt-dev \
    libftdi-dev \
    libglib2.0-dev \
    libgmp3-dev \
    libhidapi-dev \
    libmpc-dev \
    libncurses5-dev \
    libpixman-1-dev \
    libslirp-dev \
    libssl-dev \
    libtool \
    libusb-1.0-0-dev \
    make \
    mtools \
    netcat \
    ninja-build \
    python3-cryptography \
    python3-pip \
    python3-pyelftools \
    python3-serial \
    python-is-python3 \
    python2 \
    rsync \
    swig \
    unzip \
    uuid-dev \
    wget \
    xdg-utils \
    xterm \
    xz-utils \
    zlib1g-dev
RUN curl https://storage.googleapis.com/git-repo-downloads/repo > /bin/repo && chmod a+x /bin/repo
RUN mkdir /optee
WORKDIR /optee
RUN repo init -u https://github.com/OP-TEE/manifest.git -m fvp-ts.xml && repo sync -j10
RUN curl -OL https://developer.arm.com/-/media/Files/downloads/ecosystem-models/FVP_Base_RevC-2xAEMvA_11.23_9_Linux64.tgz && tar xf FVP_Base_RevC-2xAEMvA_11.23_9_Linux64.tgz
WORKDIR /optee/trusted-services
RUN pip3 install -r requirements.txt
WORKDIR /optee/build
RUN make -j2 toolchains

Build a Docker image based on the file above, then create a container using this image. Don't forget to mount your .gitconfig into the container, or inside the container set at least the user.name and user.email in the git config, otherwise downloading and patching TS dependencies will fail.

Build and run the project inside the container (make all, make run-only). The FVP terminals can be reached through telnet, the default ports for the NWd and SWd console are 5000 and 5001.

After the boot is done login to Linux and copy the TS test apps and libraries:

cp -a /mnt/host/out/ts-install/arm-linux/bin /usr/
cp -a /mnt/host/out/ts-install/arm-linux/lib /usr/

The following test apps are available currently: ts-service-test, psa-its-api-test, psa-ps-api-test, psa-crypto-api-test, psa-iat-api-test.

Last Author
balintdobszay
Last Edited
Oct 19 2023, 2:53 PM

Event Timeline

gyuri-szing created this object.Oct 19 2023, 9:38 AM
gyuri-szing created this object with edit policy "Custom Policy".
balintdobszay changed the title from Running TS On the FVP Base RevC 2xAEMvA platform to Running Trusted Services on FVP Base RevC AEMvA platform.Oct 19 2023, 9:39 AM
balintdobszay changed the visibility from "Public (No Login Required)" to "All Users".
balintdobszay edited the content of this document. (Show Details)Oct 19 2023, 9:50 AM
balintdobszay changed the title from Running Trusted Services on FVP Base RevC AEMvA platform to Running Trusted Services on FVP Base platform.Oct 19 2023, 11:33 AM
balintdobszay edited the content of this document. (Show Details)
balintdobszay edited the content of this document. (Show Details)Oct 19 2023, 11:39 AM
balintdobszay edited the content of this document. (Show Details)Oct 19 2023, 2:49 PM
balintdobszay edited the content of this document. (Show Details)
balintdobszay changed the visibility from "All Users" to "Public (No Login Required)".
balintdobszay edited the content of this document. (Show Details)Oct 19 2023, 2:51 PM
balintdobszay edited the content of this document. (Show Details)
balintdobszay edited the content of this document. (Show Details)
balintdobszay edited the content of this document. (Show Details)
balintdobszay edited the content of this document. (Show Details)
gyuri-szing changed the edit policy from "Custom Policy" to "Trusted Services (Project)".Jan 24 2024, 12:26 PM