1# Copyright (C) 2018 The Android Open Source Project
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7#      http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14#
15
16PROJECT_QEMU_INC_LOCAL_DIR := $(GET_LOCAL_DIR)
17
18APPLOADER_ALLOW_NS_CONNECT := true
19
20# Include Secretkeeper TA
21SECRETKEEPER_ENABLED := true
22
23include project/$(QEMU_TRUSTY_PROJECT).mk
24
25# limit physical memory to 29 bits to make the mapping
26# as small as possible while covering the entire kernel plus
27# enough pages for the page tables for the initial mappings
28GLOBAL_DEFINES += MMU_IDENT_SIZE_SHIFT=29
29
30# Qemu statically built with glibc<2.29 uses a syscall to implement
31# clock_gettime instead of the VDSO, which makes the calls much slower
32APP_TIMERTEST_MAX_CLOCK_PERIOD := 2000
33
34# Derive RPMB key using HKDF
35WITH_HKDF_RPMB_KEY ?= true
36
37# Always allow provisioning for emulator builds
38STATIC_SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED := 1
39
40# Emulator builds are unlocked by default. qemu-generic-arm32-test-debug
41# overrides this to ensure that we have at least one target that tests with app
42# loading locked.
43STATIC_SYSTEM_STATE_FLAG_APP_LOADING_UNLOCKED ?= 1
44
45MODULES += \
46	trusty/user/app/storage/rpmb_dev \
47
48RPMB_DEV := $(BUILDDIR)/host_tools/rpmb_dev
49
50# Enable unittests that should only run in the emulator
51STORAGE_UNITTEST_ON_EMULATOR := true
52
53PROJECT_KEYS_DIR := $(PROJECT_QEMU_INC_LOCAL_DIR)/keys
54
55APPLOADER_SIGN_PRIVATE_KEY_0_FILE := \
56	$(PROJECT_KEYS_DIR)/apploader_sign_test_private_key_0.der
57
58APPLOADER_SIGN_PUBLIC_KEY_0_FILE := \
59	$(PROJECT_KEYS_DIR)/apploader_sign_test_public_key_0.der
60
61APPLOADER_SIGN_PRIVATE_KEY_1_FILE := \
62	$(PROJECT_KEYS_DIR)/apploader_sign_test_private_key_1.der
63
64APPLOADER_SIGN_PUBLIC_KEY_1_FILE := \
65	$(PROJECT_KEYS_DIR)/apploader_sign_test_public_key_1.der
66
67# Key ID 1 should only be allowed if SYSTEM_STATE_FLAG_APP_LOADING_UNLOCKED is
68# true
69APPLOADER_SIGN_KEY_1_UNLOCKED_ONLY := true
70
71# The default signing key is key 0, but each application
72# can specify a different key identifier
73APPLOADER_SIGN_KEY_ID ?= 0
74
75# Treat key slot 1 as a dev key by default. In tests this key is only expected
76# to be enabled if SYSTEM_STATE_FLAG_APP_LOADING_UNLOCKED is true.
77APPLOADER_SIGN_UNLOCKED_KEY_ID ?= 1
78
79APPLOADER_ENCRYPT_KEY_0_FILE := \
80	$(PROJECT_KEYS_DIR)/apploader_encrypt_test_key_0.bin
81
82LK_BIN := $(BUILDDIR)/lk.bin
83
84EXTRA_BUILDRULES += external/trusty/bootloader/test-runner/test-runner-inc.mk
85TEST_RUNNER_BIN := $(BUILDDIR)/test-runner/external/trusty/bootloader/test-runner/test-runner.bin
86
87ifeq (true,$(call TOBOOL,$(HAFNIUM)))
88HAFNIUM_OUT_DIR := $(BUILDDIR)/hafnium
89HAFNIUM_PREBUILTS := trusty/prebuilts/aosp/hafnium
90HAFNIUM_MANIFESTS := trusty/device/arm/generic-arm64/project/hafnium
91$(HAFNIUM_OUT_DIR)/%: $(HAFNIUM_PREBUILTS) $(HAFNIUM_MANIFESTS)
92	mkdir -p $(HAFNIUM_OUT_DIR)
93	cp -r $(HAFNIUM_PREBUILTS)/* $(HAFNIUM_OUT_DIR)
94	cp -r $(HAFNIUM_MANIFESTS)/* $(HAFNIUM_OUT_DIR)
95	ln -sf $(LK_BIN) $(HAFNIUM_OUT_DIR)/lk.bin
96BL32_BIN := $(HAFNIUM_OUT_DIR)/hafnium.bin
97else
98BL32_BIN := $(LK_BIN)
99endif
100
101ATF_DEBUG := 1
102ATF_PLAT := qemu
103ATF_WITH_TRUSTY_GENERIC_SERVICES := true
104ATF_BUILD_BASE := $(abspath $(BUILDDIR)/atf)
105ATF_TOOLCHAIN_PREFIX := $(ARCH_arm64_TOOLCHAIN_PREFIX)
106ATF_ROOT := $(call FIND_EXTERNAL,arm-trusted-firmware)
107include project/qemu-atf-inc.mk
108
109# Try using the qemu from the prebuilts
110QEMU_BUILD_BASE := $(abspath $(BUILDDIR)/qemu-build)
111QEMU_ARCH := aarch64
112QEMU_PREBUILTS := $(wildcard prebuilts/android-emulator/trusty-x86_64)
113
114ifeq (,$(QEMU_PREBUILTS))
115# No prebuilts, build qemu from source
116QEMU_ROOT := $(call FIND_EXTERNAL,qemu)
117QEMU_TARGET := aarch64-softmmu,arm-softmmu
118include project/qemu-qemu-inc.mk
119else
120# We have prebuilts, copy them into the build directory
121QEMU_BIN := $(QEMU_BUILD_BASE)/bin/qemu-system-$(QEMU_ARCH)
122
123$(QEMU_BUILD_BASE): $(QEMU_PREBUILTS)
124	@echo creating qemu output directory
125	@rm -rf $@
126	@cp -r $< $@
127
128# The binary is inside the build directory, so create
129# an empty dependency between them
130$(QEMU_BIN): $(QEMU_BUILD_BASE)
131	@echo creating qemu binary
132
133EXTRA_BUILDDEPS += $(QEMU_BUILD_BASE) $(QEMU_BIN)
134endif
135
136LINUX_ARCH ?= arm64
137include project/linux-inc.mk
138
139RUN_QEMU_SCRIPT := $(BUILDDIR)/run-qemu
140RUN_SCRIPT := $(BUILDDIR)/run
141STOP_SCRIPT := $(BUILDDIR)/stop
142QEMU_CONFIG := $(BUILDDIR)/config.json
143QEMU_PY := $(BUILDDIR)/qemu.py
144QEMU_ERROR_PY := $(BUILDDIR)/qemu_error.py
145QEMU_OPTIONS_PY := $(BUILDDIR)/qemu_options.py
146QEMU_LLDB_SUPPORT_PY := $(BUILDDIR)/lldb_support.py
147QEMU_LLDBINIT := $(BUILDDIR)/lldbinit
148PY3_CMD := $(BUILDDIR)/py3-cmd
149RUN_PY := $(BUILDDIR)/run.py
150
151$(ATF_OUT_DIR):
152	mkdir -p $@
153
154# For ATF bootloader semihosting calls, bl32 and bl33 need to be in place
155ATF_SYMLINKS := \
156	$(ATF_OUT_DIR)/bl32.bin \
157	$(ATF_OUT_DIR)/bl33.bin \
158
159$(ATF_OUT_DIR)/bl32.bin: $(BL32_BIN) $(ATF_OUT_DIR)
160	ln -sf $(abspath $<) $@
161
162$(ATF_OUT_DIR)/bl33.bin: $(TEST_RUNNER_BIN) $(ATF_OUT_DIR)
163	ln -sf $(abspath $<) $@
164
165ATF_OUT_COPIED_FILES := \
166	$(ATF_OUT_DIR)/firmware.android.dts \
167	$(ATF_OUT_DIR)/run-qemu-helper \
168
169$(ATF_OUT_COPIED_FILES): $(ATF_OUT_DIR)/% : $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/% $(ATF_OUT_DIR)
170	@echo copying $@
171	@cp $< $@
172
173$(ATF_OUT_DIR)/RPMB_DATA: ATF_OUT_DIR := $(ATF_OUT_DIR)
174$(ATF_OUT_DIR)/RPMB_DATA: $(RPMB_DEV)
175	@echo Initialize rpmb device
176	$< --dev $(ATF_OUT_DIR)/RPMB_DATA --init --size 2048
177
178QEMU_SCRIPTS := \
179	$(QEMU_PY) \
180	$(QEMU_ERROR_PY) \
181	$(QEMU_OPTIONS_PY) \
182	$(QEMU_LLDB_SUPPORT_PY) \
183	$(QEMU_LLDBINIT) \
184	$(RUN_PY)
185
186$(QEMU_SCRIPTS): .PHONY
187EXTRA_BUILDDEPS += $(QEMU_SCRIPTS)
188
189# Copied so that the resulting build tree contains all files needed to run
190$(QEMU_PY): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/qemu.py
191	@echo copying $@
192	@cp $< $@
193
194# Copied so that the resulting build tree contains all files needed to run
195$(QEMU_ERROR_PY): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/qemu_error.py
196	@echo copying $@
197	@cp $< $@
198
199# Script used to generate qemu architecture options. Need to specify qemu
200# options file name since different projects use different python script
201$(QEMU_OPTIONS_PY): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/qemu_arm64_options.py
202	@echo copying $@
203	@cp $< $@
204
205# Script used in LLDB for setting breakpoints adjusted for KASLR and ASLR
206$(QEMU_LLDB_SUPPORT_PY): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/lldb_support.py
207	@echo copying $@
208	@cp $< $@
209
210# Companion script to lldb_support.py that contains LLDB commands
211$(QEMU_LLDBINIT): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/lldbinit
212	@echo copying $@
213	@cp $< $@
214
215# Python version of the run shell script which can be imported by other Python
216# scripts for more granular control over how tests share emulator instances.
217# It serves as a wrapper around qemu.py which defaults the config.
218$(RUN_PY): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/run.py
219	@echo copying $@
220	@cp $< $@
221
222# Copy prebuilt hermetic Python 3 command into the build directory so that the
223# build does not rely on the host having Python 3 installed. Hermetic python 3
224# contains the standard library so this is all we need to run the qemu scripts
225$(PY3_CMD): $(BUILDTOOLS_BINDIR)/py3-cmd
226	@echo copying $@
227	@$(MKDIR)
228	@cp $< $@
229
230EXTRA_BUILDDEPS += $(PY3_CMD)
231
232# List of files we need from Android
233ANDROID_OUT_FILES := \
234	out/host/linux-x86/bin/adb \
235	out/target/product/trusty/system.img \
236	out/target/product/trusty/vendor.img \
237	out/target/product/trusty/userdata.img \
238	out/target/product/trusty/data/nativetest64 \
239
240# Copy Android prebuilts into the build directory so that the build does not
241# depend on any files in the source tree. We want to package the build artifacts
242# without any dependencies on the sources.
243# Because files in the prebuilts directory are not writeable the directory must
244# be cleared before copying in the fresh content. `rm -rf` is used to accomplish
245# this because it bypasses writing un-writeable files in addition to bringing
246# the target directory to the same state as with a clean build.
247ANDROID_OUT_BUILD_DIR := $(BUILDDIR)/aosp/android
248
249ifneq (,$(ANDROID_BUILD_TOP))
250# We are building Trusty inside an Android environment,
251# which means we can use a fresh Android build instead of prebuilts
252ANDROID_OUT_SRC_DIR := $(ANDROID_BUILD_TOP)
253else
254ANDROID_OUT_SRC_DIR := trusty/prebuilts/aosp/android
255endif
256
257ANDROID_OUT_SRC_FILES := $(addprefix $(ANDROID_OUT_SRC_DIR)/,$(ANDROID_OUT_FILES))
258
259# Copy the files listed in ANDROID_OUT_FILES from ANDROID_OUT_SRC_DIR into
260# ANDROID_OUT_BUILD_DIR preserving the directory structure relative to the
261# top-level ANDROID_OUT_SRC_DIR directory
262$(ANDROID_OUT_BUILD_DIR): ANDROID_OUT_SRC_DIR := $(ANDROID_OUT_SRC_DIR)
263$(ANDROID_OUT_BUILD_DIR): ANDROID_OUT_FILES := $(ANDROID_OUT_FILES)
264$(ANDROID_OUT_BUILD_DIR): $(ANDROID_OUT_SRC_FILES)
265	@echo creating Android output directory
266	@rm -rf $@
267	@mkdir -p $@
268	@cd $(ANDROID_OUT_SRC_DIR) && cp -r --parents -t $@ $(ANDROID_OUT_FILES)
269
270EXTRA_BUILDDEPS += $(ANDROID_OUT_BUILD_DIR)
271
272# Save variables to a json file to export paths known to the build system to
273# the test system
274$(QEMU_CONFIG): QEMU_BIN := $(subst $(BUILDDIR)/,,$(QEMU_BIN))
275$(QEMU_CONFIG): EXTRA_QEMU_FLAGS := ["-machine", "gic-version=$(GIC_VERSION)"]
276$(QEMU_CONFIG): ATF_OUT_DIR := $(subst $(BUILDDIR)/,,$(ATF_OUT_DIR))
277$(QEMU_CONFIG): LINUX_BUILD_DIR := $(subst $(BUILDDIR)/,,$(LINUX_BUILD_DIR))
278$(QEMU_CONFIG): LINUX_ARCH := $(LINUX_ARCH)
279$(QEMU_CONFIG): ANDROID_OUT_BUILD_DIR := $(subst $(BUILDDIR)/,,$(ANDROID_OUT_BUILD_DIR))
280$(QEMU_CONFIG): RPMB_DEV := $(subst $(BUILDDIR)/,,$(RPMB_DEV))
281$(QEMU_CONFIG): $(ATF_OUT_COPIED_FILES) $(ATF_SYMLINKS) $(ATF_OUT_DIR)/RPMB_DATA
282	@echo generating $@
283	@echo '{ "linux": "$(LINUX_BUILD_DIR)",' > $@
284	@echo '  "linux_arch": "$(LINUX_ARCH)",' >> $@
285	@echo '  "atf": "$(ATF_OUT_DIR)", ' >> $@
286	@echo '  "qemu": "$(QEMU_BIN)", ' >> $@
287	@echo '  "extra_qemu_flags": $(EXTRA_QEMU_FLAGS), ' >> $@
288	@echo '  "android": "$(ANDROID_OUT_BUILD_DIR)", ' >> $@
289	@echo '  "rpmbd": "$(RPMB_DEV)", ' >> $@
290	@echo '  "arch": "$(ARCH)" }' >> $@
291
292EXTRA_BUILDDEPS += $(QEMU_CONFIG)
293
294# Create a wrapper script around run-qemu-helper which defaults arguments to
295# those needed to run this build
296$(RUN_QEMU_SCRIPT): QEMU_BIN := $(subst $(BUILDDIR)/,,$(QEMU_BIN))
297$(RUN_QEMU_SCRIPT): ATF_OUT_DIR := $(subst $(BUILDDIR)/,,$(ATF_OUT_DIR))
298$(RUN_QEMU_SCRIPT): LINUX_BUILD_DIR := $(subst $(BUILDDIR)/,,$(LINUX_BUILD_DIR))
299$(RUN_QEMU_SCRIPT): $(ATF_OUT_COPIED_FILES) $(ATF_SYMLINKS) $(ATF_OUT_DIR)/RPMB_DATA
300	@echo generating $@
301	@echo "#!/bin/sh" >$@
302	@echo 'SCRIPT_DIR=$$(dirname "$$0")' >>$@
303	@echo 'cd "$$SCRIPT_DIR/$(ATF_OUT_DIR)"' >>$@
304	@echo 'KERNEL_DIR="$$SCRIPT_DIR/$(LINUX_BUILD_DIR)" QEMU="$$SCRIPT_DIR/$(QEMU_BIN)" ./run-qemu-helper "$$@"' >>$@
305	@chmod +x $@
306
307EXTRA_BUILDDEPS += $(RUN_QEMU_SCRIPT)
308
309# The original run shell script was replaced by run.py. Create symlink to
310# preserve backwards compatibility.
311$(RUN_SCRIPT): $(RUN_PY)
312	@echo creating $@
313	@ln -sf $(abspath $<) $@
314
315EXTRA_BUILDDEPS += $(RUN_SCRIPT)
316
317# Create a script to stop all stale emulators.
318$(STOP_SCRIPT):
319	@echo generating $@
320	@echo "#!/bin/sh" >$@
321	@echo 'killall qemu-system-aarch64' >>$@
322	@chmod +x $@
323
324EXTRA_BUILDDEPS += $(STOP_SCRIPT)
325
326ifeq (true,$(call TOBOOL,$(PACKAGE_QEMU_TRUSTY)))
327
328# Files & directories to copy into QEMU package archive
329QEMU_PACKAGE_FILES := \
330	$(OUTBIN) $(QEMU_SCRIPTS) $(PY3_CMD) $(QEMU_CONFIG) $(RPMB_DEV) \
331	$(RUN_SCRIPT) $(RUN_QEMU_SCRIPT) $(STOP_SCRIPT) $(ANDROID_OUT_BUILD_DIR) \
332	$(QEMU_BIN) $(ATF_SYMLINKS) $(ATF_OUT_DIR)/bl31.bin \
333	$(ATF_OUT_DIR)/RPMB_DATA $(ATF_OUT_COPIED_FILES) $(LINUX_IMAGE) \
334
335# Other files/directories that should be included in the package but which are
336# not make targets and therefore cannot be pre-requisites. The target that
337# creates these files must be in the QEMU_PACKAGE_FILES variable.
338QEMU_PACKAGE_EXTRA_FILES := \
339	$(LINUX_BUILD_DIR)/arch $(LINUX_BUILD_DIR)/scripts $(ATF_BUILD_BASE) \
340	$(QEMU_BUILD_BASE) \
341
342include project/qemu-package-inc.mk
343endif
344
345ANDROID_OUT_FILES :=
346ANDROID_OUT_BUILD_DIR :=
347ANDROID_OUT_SRC_DIR :=
348ANDROID_OUT_SRC_FILES :=
349ATF_BUILD_BASE :=
350ATF_OUT_COPIED_FILES :=
351ATF_OUT_DIR :=
352ATF_SYMLINKS :=
353LINUX_ARCH :=
354LINUX_BUILD_DIR :=
355LINUX_IMAGE :=
356RUN_QEMU_SCRIPT :=
357RUN_SCRIPT :=
358TEST_RUNNER_BIN :=
359QEMU_BIN :=
360QEMU_BUILD_BASE :=
361QEMU_CONFIG :=
362QEMU_ERROR_PY :=
363QEMU_OPTIONS_PY :=
364QEMU_LLDB_SUPPORT_PY :=
365QEMU_LLDBINIT :=
366QEMU_PREBUILTS :=
367QEMU_PY :=
368QEMU_SCRIPTS :=
369PY3_CMD :=
370RUN_PY :=
371