Skip to content

Commit 057969d

Browse files
gsingh93gsingh93
committed
WIP
1 parent 01131da commit 057969d

File tree

2 files changed

+80
-8
lines changed

2 files changed

+80
-8
lines changed

.gitignore

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,3 +8,5 @@
88
/out
99
/.cache
1010
compile_commands.json
11+
12+
/trusty

Makefile

Lines changed: 78 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,14 @@ else ifeq ($(filter x86_64 arm64 i386,$(ARCH)),)
3030
$(error Invalid architecture $(ARCH))
3131
endif
3232

33+
ifneq ($(ARCH),arm64)
34+
# We currently only support Trusty with arm64, as we rely on ARM TF-A
35+
ifneq ($(filter trusty,$(MAKECMDGOALS)),)
36+
$(error Building Trusty is only supported on arm64)
37+
endif
38+
endif
39+
40+
3341
.PHONY: default
3442
default: linux tools-vm
3543

@@ -381,6 +389,39 @@ uboot $(UBOOT_BIN): $(UBOOT_CONFIG) | $(CLANG_DIR)
381389
uboot_clean:
382390
+ $(UBOOT_MAKE) mrproper
383391

392+
##
393+
## Trusty
394+
##
395+
396+
TRUSTY_SRC ?= $(ROOT_DIR)/trusty
397+
TRUSTY_TARGET ?= qemu-generic-arm64-test-debug
398+
TRUSTY_BUILD_ROOT ?= $(OUT_DIR)/trusty
399+
TRUSTY_OUT := $(TRUSTY_BUILD_ROOT)/build-$(TRUSTY_TARGET)
400+
401+
ATF_DIR := $(TRUSTY_OUT)/atf/qemu/debug
402+
ATF_BL1 := $(ATF_DIR)/bl1.bin
403+
ATF_BL33 := $(ATF_DIR)/bl33.bin
404+
405+
.PHONY: trusty-init
406+
trusty-init:
407+
mkdir -p $(TRUSTY_SRC)
408+
cd $(TRUSTY_SRC) && repo init -u https://android.googlesource.com/trusty/manifest -b main
409+
cd $(TRUSTY_SRC) && repo sync -j`nproc` -c --no-tags
410+
411+
.PHONY: trusty
412+
trusty $(ATF_BL1): | $(TRUSTY_SRC)
413+
$(TRUSTY_SRC)/trusty/vendor/google/aosp/scripts/build.py --build-root $(TRUSTY_BUILD_ROOT) --skip-tests $(TRUSTY_TARGET)
414+
$(MAKE) trusty_bl33
415+
416+
.PHONY: trusty_bl33
417+
trusty_bl33 $(ATF_BL33): $(UBOOT_BIN)
418+
rm $(ATF_BL33)
419+
cp $(UBOOT_BIN) $(ATF_BL33)
420+
421+
.PHONY: trusty_clean
422+
trusty_clean:
423+
rm -rf $(TRUSTY_OUT)
424+
384425
##
385426
## Run QEMU
386427
##
@@ -397,7 +438,9 @@ ECHR ?= 1
397438
ROOT ?= /dev/vda
398439
RW ?= rw
399440
KASLR ?= 0
441+
400442
UBOOT ?= 0
443+
TRUSTY ?= 0
401444

402445
QEMU_KERNEL_CMDLINE := selinux=0
403446

@@ -407,15 +450,22 @@ QEMU_ARGS := \
407450
-nographic \
408451
-no-reboot \
409452
-kernel $(QEMU_KERNEL_IMAGE) \
410-
-netdev user,id=eth0,hostfwd=tcp::7777-:7777,hostfwd=tcp::2222-:22,hostfwd=tcp::2223-:23 -device virtio-net-pci,netdev=eth0 \
411-
-virtfs local,security_model=mapped-xattr,path=$(SHARED_DIR),mount_tag=shared \
412453
-echr $(ECHR) \
413454
$(QEMU_EXTRA_ARGS)
414455

415-
ifeq ($(UBOOT),1)
456+
ifeq ($(TRUSTY),1)
457+
QEMU_ARGS += -bios $(ATF_BL1)
458+
else ifeq ($(UBOOT),1)
416459
QEMU_ARGS += -bios $(UBOOT_BIN)
417460
endif
418461

462+
ifneq ($(TRUSTY),1)
463+
# Trusty currently only works with a very old version of QEMU, these flags
464+
# don't seem to work with it
465+
QEMU_ARGS += -netdev user,id=eth0,hostfwd=tcp::7777-:7777,hostfwd=tcp::2222-:22,hostfwd=tcp::2223-:23 -device virtio-net-pci,netdev=eth0
466+
QEMU_ARGS += -virtfs local,security_model=mapped-xattr,path=$(SHARED_DIR),mount_tag=shared
467+
endif
468+
419469
ifneq ($(INITRD),)
420470
ifeq ($(INITRD),1)
421471
INITRD := $(CPIO_FILE)
@@ -432,7 +482,7 @@ ifeq ($(GDB),1)
432482
endif
433483

434484
ifeq ($(ARCH),x86_64)
435-
QEMU_BIN := qemu-system-x86_64
485+
QEMU_BIN ?= qemu-system-x86_64
436486
QEMU_KERNEL_CMDLINE += console=ttyS0 kpti no5lvl
437487

438488
QEMU_ARGS += -cpu kvm64,+smep,+smap
@@ -442,14 +492,26 @@ ifeq ($(ARCH),x86_64)
442492
QEMU_ARGS += -accel kvm
443493
endif
444494
else ifeq ($(ARCH),i386)
445-
QEMU_BIN := qemu-system-i386
495+
QEMU_BIN ?= qemu-system-i386
446496
QEMU_KERNEL_CMDLINE += console=ttyS0
447497
else
448-
QEMU_BIN := qemu-system-aarch64
498+
ifeq ($(TRUSTY),1)
499+
# Trusty currently only runs with its patched build of QEMU
500+
QEMU_BIN ?= $(TRUSTY_OUT)/qemu-build/aarch64-softmmu/qemu-system-aarch64
501+
else
502+
QEMU_BIN ?= qemu-system-aarch64
503+
endif
504+
449505
QEMU_KERNEL_CMDLINE += console=ttyAMA0
450506

507+
ifeq ($(TRUSTY),1)
508+
MACHINE := -machine virt,secure=on,virtualization=on
509+
else
510+
MACHINE := -machine virt,virtualization=on
511+
endif
512+
451513
QEMU_ARGS += \
452-
-M virt \
514+
$(MACHINE) \
453515
-cpu cortex-a53 \
454516
-semihosting-config enable=on,target=native
455517
endif
@@ -461,10 +523,18 @@ endif
461523
QEMU_ARGS += -append "$(QEMU_KERNEL_CMDLINE) $(QEMU_EXTRA_KERNEL_CMDLINE)"
462524

463525
RUN_DEPS := $(QEMU_KERNEL_IMAGE)
526+
RUN_DIR := $(ROOT_DIR)
527+
464528
ifeq ($(UBOOT),1)
465529
RUN_DEPS += $(UBOOT_BIN)
466530
endif
467531

532+
ifeq ($(TRUSTY),1)
533+
RUN_DEPS += $(ATF_BL1)
534+
# TODO: Is there a QEMU flag we can use to make this not necessary?
535+
RUN_DIR := $(ATF_DIR)
536+
endif
537+
468538
.PHONY: run
469539
run: $(RUN_DEPS) | $(SHARED_DIR)
470540
@echo "$(GREEN)Running QEMU, press 'ctrl-a x' to quit $(NC)"
@@ -478,7 +548,7 @@ endif
478548

479549
endif
480550
@echo ''
481-
$(QEMU_BIN) $(QEMU_ARGS)
551+
cd $(RUN_DIR) && $(QEMU_BIN) $(QEMU_ARGS)
482552

483553
.PHONY: run-ack
484554
run-ack: run

0 commit comments

Comments
 (0)