1# Copyright (C) 2018 The Android Open Source Project
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7#      http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14#
15
16PROJECT_QEMU_INC_LOCAL_DIR := $(GET_LOCAL_DIR)
17
18APPLOADER_ALLOW_NS_CONNECT := true
19
20# Include Secretkeeper TA
21SECRETKEEPER_ENABLED := true
22
23include project/$(QEMU_TRUSTY_PROJECT).mk
24
25# limit physical memory to 29 bits to make the mapping
26# as small as possible while covering the entire kernel plus
27# enough pages for the page tables for the initial mappings
28GLOBAL_DEFINES += MMU_IDENT_SIZE_SHIFT=29
29
30# Qemu statically built with glibc<2.29 uses a syscall to implement
31# clock_gettime instead of the VDSO, which makes the calls much slower
32APP_TIMERTEST_MAX_CLOCK_PERIOD := 2000
33
34# Derive RPMB key using HKDF
35WITH_HKDF_RPMB_KEY ?= true
36
37# Always allow provisioning for emulator builds
38STATIC_SYSTEM_STATE_FLAG_PROVISIONING_ALLOWED := 1
39
40# Emulator builds are unlocked by default. qemu-generic-arm32-test-debug
41# overrides this to ensure that we have at least one target that tests with app
42# loading locked.
43STATIC_SYSTEM_STATE_FLAG_APP_LOADING_UNLOCKED ?= 1
44
45MODULES += \
46	trusty/user/app/storage/rpmb_dev \
47
48RPMB_DEV := $(BUILDDIR)/host_tools/rpmb_dev
49
50# Enable unittests that should only run in the emulator
51STORAGE_UNITTEST_ON_EMULATOR := true
52
53PROJECT_KEYS_DIR := $(PROJECT_QEMU_INC_LOCAL_DIR)/keys
54
55APPLOADER_SIGN_PRIVATE_KEY_0_FILE := \
56	$(PROJECT_KEYS_DIR)/apploader_sign_test_private_key_0.der
57
58APPLOADER_SIGN_PUBLIC_KEY_0_FILE := \
59	$(PROJECT_KEYS_DIR)/apploader_sign_test_public_key_0.der
60
61APPLOADER_SIGN_PRIVATE_KEY_1_FILE := \
62	$(PROJECT_KEYS_DIR)/apploader_sign_test_private_key_1.der
63
64APPLOADER_SIGN_PUBLIC_KEY_1_FILE := \
65	$(PROJECT_KEYS_DIR)/apploader_sign_test_public_key_1.der
66
67# Key ID 1 should only be allowed if SYSTEM_STATE_FLAG_APP_LOADING_UNLOCKED is
68# true
69APPLOADER_SIGN_KEY_1_UNLOCKED_ONLY := true
70
71# The default signing key is key 0, but each application
72# can specify a different key identifier
73APPLOADER_SIGN_KEY_ID ?= 0
74
75# Treat key slot 1 as a dev key by default. In tests this key is only expected
76# to be enabled if SYSTEM_STATE_FLAG_APP_LOADING_UNLOCKED is true.
77APPLOADER_SIGN_UNLOCKED_KEY_ID ?= 1
78
79APPLOADER_ENCRYPT_KEY_0_FILE := \
80	$(PROJECT_KEYS_DIR)/apploader_encrypt_test_key_0.bin
81
82LK_BIN := $(BUILDDIR)/lk.bin
83
84EXTRA_BUILDRULES += external/trusty/bootloader/test-runner/test-runner-inc.mk
85TEST_RUNNER_BIN := $(BUILDDIR)/test-runner/external/trusty/bootloader/test-runner/test-runner.bin
86
87ifeq (true,$(call TOBOOL,$(HAFNIUM)))
88HAFNIUM_OUT_DIR := $(BUILDDIR)/hafnium
89HAFNIUM_PREBUILTS := trusty/prebuilts/aosp/hafnium
90HAFNIUM_MANIFESTS := trusty/device/arm/generic-arm64/project/hafnium
91$(HAFNIUM_OUT_DIR)/%: $(HAFNIUM_PREBUILTS) $(HAFNIUM_MANIFESTS)
92	mkdir -p $(HAFNIUM_OUT_DIR)
93	cp -r $(HAFNIUM_PREBUILTS)/* $(HAFNIUM_OUT_DIR)
94	cp -r $(HAFNIUM_MANIFESTS)/* $(HAFNIUM_OUT_DIR)
95	ln -sf $(LK_BIN) $(HAFNIUM_OUT_DIR)/lk.bin
96BL32_BIN := $(HAFNIUM_OUT_DIR)/hafnium.bin
97else
98BL32_BIN := $(LK_BIN)
99endif
100
101ATF_DEBUG := 1
102ATF_PLAT := qemu
103ATF_WITH_TRUSTY_GENERIC_SERVICES := true
104ATF_BUILD_BASE := $(abspath $(BUILDDIR)/atf)
105ATF_TOOLCHAIN_PREFIX := $(ARCH_arm64_TOOLCHAIN_PREFIX)
106ATF_ROOT := $(call FIND_EXTERNAL,arm-trusted-firmware)
107include project/qemu-atf-inc.mk
108
109# Try using the qemu from the prebuilts
110QEMU_BUILD_BASE := $(abspath $(BUILDDIR)/qemu-build)
111QEMU_ARCH := aarch64
112QEMU_PREBUILTS := $(wildcard prebuilts/android-emulator/trusty-x86_64)
113
114ifeq (,$(QEMU_PREBUILTS))
115# No prebuilts, build qemu from source
116QEMU_ROOT := $(call FIND_EXTERNAL,qemu)
117QEMU_TARGET := aarch64-softmmu,arm-softmmu
118include project/qemu-qemu-inc.mk
119else
120# We have prebuilts, copy them into the build directory
121QEMU_BIN := $(QEMU_BUILD_BASE)/bin/qemu-system-$(QEMU_ARCH)
122
123# The qemu prebuilts now contain an Android.bp file.
124# We do not want it in the build directory because Soong reads it.
125$(QEMU_BUILD_BASE): $(QEMU_PREBUILTS)
126	@echo creating qemu output directory
127	@rm -rf $@
128	@cp -r $< $@
129	@rm -f $@/Android.bp
130
131# The binary is inside the build directory, so create
132# an empty dependency between them
133$(QEMU_BIN): $(QEMU_BUILD_BASE)
134	@echo creating qemu binary
135
136EXTRA_BUILDDEPS += $(QEMU_BUILD_BASE) $(QEMU_BIN)
137endif
138
139LINUX_ARCH ?= arm64
140include project/linux-inc.mk
141
142RUN_SCRIPT := $(BUILDDIR)/run
143STOP_SCRIPT := $(BUILDDIR)/stop
144QEMU_CONFIG := $(BUILDDIR)/config.json
145QEMU_PY := $(BUILDDIR)/qemu.py
146QEMU_ERROR_PY := $(BUILDDIR)/qemu_error.py
147QEMU_OPTIONS_PY := $(BUILDDIR)/qemu_options.py
148QEMU_LLDB_SUPPORT_PY := $(BUILDDIR)/lldb_support.py
149QEMU_LLDBINIT := $(BUILDDIR)/lldbinit
150PY3_CMD := $(BUILDDIR)/py3-cmd
151RUN_PY := $(BUILDDIR)/run.py
152
153$(ATF_OUT_DIR):
154	mkdir -p $@
155
156# ATF built binaries
157ATF_BIN := $(ATF_OUT_DIR)/bl31.bin
158ATF_EXTRA_BINS := \
159	$(ATF_OUT_DIR)/bl1.bin \
160	$(ATF_OUT_DIR)/bl2.bin \
161
162# For ATF bootloader semihosting calls, bl32 and bl33 need to be in place
163ATF_SYMLINKS := \
164	$(ATF_OUT_DIR)/bl32.bin \
165	$(ATF_OUT_DIR)/bl33.bin \
166
167$(ATF_OUT_DIR)/bl32.bin: BUILDDIR := $(BUILDDIR)
168$(ATF_OUT_DIR)/bl32.bin: ATF_OUT_DIR := $(ATF_OUT_DIR)
169$(ATF_OUT_DIR)/bl32.bin: $(BL32_BIN) $(ATF_OUT_DIR)
170	$(NOECHO)ln -rsf $< $@
171
172$(ATF_OUT_DIR)/bl33.bin: BUILDDIR := $(BUILDDIR)
173$(ATF_OUT_DIR)/bl33.bin: ATF_OUT_DIR := $(ATF_OUT_DIR)
174$(ATF_OUT_DIR)/bl33.bin: $(TEST_RUNNER_BIN) $(ATF_OUT_DIR)
175	$(NOECHO)ln -rsf $< $@
176
177$(ATF_OUT_DIR)/RPMB_DATA: ATF_OUT_DIR := $(ATF_OUT_DIR)
178$(ATF_OUT_DIR)/RPMB_DATA: $(RPMB_DEV)
179	@echo Initialize rpmb device
180	$< --dev $(ATF_OUT_DIR)/RPMB_DATA --init --size 2048
181
182QEMU_SCRIPTS := \
183	$(QEMU_PY) \
184	$(QEMU_ERROR_PY) \
185	$(QEMU_OPTIONS_PY) \
186	$(QEMU_LLDB_SUPPORT_PY) \
187	$(QEMU_LLDBINIT) \
188	$(RUN_PY)
189
190$(QEMU_SCRIPTS): .PHONY
191EXTRA_BUILDDEPS += $(QEMU_SCRIPTS)
192
193# Copied so that the resulting build tree contains all files needed to run
194$(QEMU_PY): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/qemu.py
195	@echo copying $@
196	@cp $< $@
197
198# Copied so that the resulting build tree contains all files needed to run
199$(QEMU_ERROR_PY): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/qemu_error.py
200	@echo copying $@
201	@cp $< $@
202
203# Script used to generate qemu architecture options. Need to specify qemu
204# options file name since different projects use different python script
205$(QEMU_OPTIONS_PY): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/qemu_arm64_options.py
206	@echo copying $@
207	@cp $< $@
208
209# Script used in LLDB for setting breakpoints adjusted for KASLR and ASLR
210$(QEMU_LLDB_SUPPORT_PY): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/lldb_support.py
211	@echo copying $@
212	@cp $< $@
213
214# Companion script to lldb_support.py that contains LLDB commands
215$(QEMU_LLDBINIT): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/lldbinit
216	@echo copying $@
217	@cp $< $@
218
219# Python version of the run shell script which can be imported by other Python
220# scripts for more granular control over how tests share emulator instances.
221# It serves as a wrapper around qemu.py which defaults the config.
222$(RUN_PY): $(PROJECT_QEMU_INC_LOCAL_DIR)/qemu/run.py
223	@echo copying $@
224	@cp $< $@
225
226# Copy prebuilt hermetic Python 3 command into the build directory so that the
227# build does not rely on the host having Python 3 installed. Hermetic python 3
228# contains the standard library so this is all we need to run the qemu scripts
229$(PY3_CMD): $(BUILDTOOLS_BINDIR)/py3-cmd
230	@echo copying $@
231	@$(MKDIR)
232	@cp $< $@
233
234EXTRA_BUILDDEPS += $(PY3_CMD)
235
236# List of files we need from Android
237ANDROID_OUT_FILES := \
238	out/host/linux-x86/bin/adb \
239	out/target/product/trusty/ramdisk.img \
240	out/target/product/trusty/system.img \
241	out/target/product/trusty/vendor.img \
242	out/target/product/trusty/userdata.img \
243	out/target/product/trusty/data/nativetest64 \
244
245# Copy Android prebuilts into the build directory so that the build does not
246# depend on any files in the source tree. We want to package the build artifacts
247# without any dependencies on the sources.
248# Because files in the prebuilts directory are not writeable the directory must
249# be cleared before copying in the fresh content. `rm -rf` is used to accomplish
250# this because it bypasses writing un-writeable files in addition to bringing
251# the target directory to the same state as with a clean build.
252ANDROID_OUT_BUILD_DIR := $(BUILDDIR)/aosp/android
253
254ANDROID_OUT_IMAGE_DIR := $(ANDROID_OUT_BUILD_DIR)/out/target/product/trusty
255ANDROID_OUT_ADB_PATH := $(ANDROID_OUT_BUILD_DIR)/out/host/linux-x86/bin/adb
256
257ifneq (,$(ANDROID_BUILD_TOP))
258# We are building Trusty inside an Android environment,
259# which means we can use a fresh Android build instead of prebuilts
260ANDROID_OUT_SRC_DIR := $(ANDROID_BUILD_TOP)
261else
262ANDROID_OUT_SRC_DIR := trusty/prebuilts/aosp/android
263endif
264
265ANDROID_OUT_SRC_FILES := $(addprefix $(ANDROID_OUT_SRC_DIR)/,$(ANDROID_OUT_FILES))
266
267# Copy the files listed in ANDROID_OUT_FILES from ANDROID_OUT_SRC_DIR into
268# ANDROID_OUT_BUILD_DIR preserving the directory structure relative to the
269# top-level ANDROID_OUT_SRC_DIR directory
270$(ANDROID_OUT_BUILD_DIR): ANDROID_OUT_SRC_DIR := $(ANDROID_OUT_SRC_DIR)
271$(ANDROID_OUT_BUILD_DIR): ANDROID_OUT_IMAGE_DIR := $(ANDROID_OUT_IMAGE_DIR)
272$(ANDROID_OUT_BUILD_DIR): ANDROID_OUT_FILES := $(ANDROID_OUT_FILES)
273$(ANDROID_OUT_BUILD_DIR): LINUX_RAMDISK_IMAGE := $(LINUX_RAMDISK_IMAGE)
274$(ANDROID_OUT_BUILD_DIR): RAMDISK_CP := $(if $(LINUX_RAMDISK_IMAGE),cp,/bin/true)
275$(ANDROID_OUT_BUILD_DIR): $(ANDROID_OUT_SRC_FILES) $(LINUX_RAMDISK_IMAGE)
276	@echo creating Android output directory
277	@rm -rf $@
278	@mkdir -p $@
279	@cd $(ANDROID_OUT_SRC_DIR) && cp -r --parents -t $@ $(ANDROID_OUT_FILES)
280	@$(RAMDISK_CP) $(LINUX_RAMDISK_IMAGE) $(ANDROID_OUT_IMAGE_DIR)/ramdisk.img
281
282EXTRA_BUILDDEPS += $(ANDROID_OUT_BUILD_DIR)
283
284# Save variables to a json file to export paths known to the build system to
285# the test system
286$(QEMU_CONFIG): QEMU_BIN := $(subst $(BUILDDIR)/,,$(QEMU_BIN))
287$(QEMU_CONFIG): EXTRA_QEMU_FLAGS := ["-machine", "gic-version=$(GIC_VERSION)"]
288$(QEMU_CONFIG): ATF_OUT_DIR := $(subst $(BUILDDIR)/,,$(ATF_OUT_DIR))
289$(QEMU_CONFIG): LINUX_BUILD_DIR := $(subst $(BUILDDIR)/,,$(LINUX_BUILD_DIR))
290$(QEMU_CONFIG): LINUX_ARCH := $(LINUX_ARCH)
291$(QEMU_CONFIG): ANDROID_OUT_IMAGE_DIR := $(subst $(BUILDDIR)/,,$(ANDROID_OUT_IMAGE_DIR))
292$(QEMU_CONFIG): ANDROID_OUT_ADB_PATH := $(subst $(BUILDDIR)/,,$(ANDROID_OUT_ADB_PATH))
293$(QEMU_CONFIG): RPMB_DEV := $(subst $(BUILDDIR)/,,$(RPMB_DEV))
294$(QEMU_CONFIG): $(ATF_OUT_COPIED_FILES) $(ATF_SYMLINKS) $(ATF_OUT_DIR)/RPMB_DATA
295	@echo generating $@
296	@echo '{ "linux": "$(LINUX_BUILD_DIR)",' > $@
297	@echo '  "linux_arch": "$(LINUX_ARCH)",' >> $@
298	@echo '  "atf": "$(ATF_OUT_DIR)", ' >> $@
299	@echo '  "qemu": "$(QEMU_BIN)", ' >> $@
300	@echo '  "extra_qemu_flags": $(EXTRA_QEMU_FLAGS), ' >> $@
301	@echo '  "android_image_dir": "$(ANDROID_OUT_IMAGE_DIR)", ' >> $@
302	@echo '  "adb": "$(ANDROID_OUT_ADB_PATH)", ' >> $@
303	@echo '  "rpmbd": "$(RPMB_DEV)", ' >> $@
304	@echo '  "arch": "$(ARCH)" }' >> $@
305
306EXTRA_BUILDDEPS += $(QEMU_CONFIG)
307
308# The original run shell script was replaced by run.py. Create symlink to
309# preserve backwards compatibility.
310$(RUN_SCRIPT): $(RUN_PY)
311	@echo creating $@
312	@ln -sf $(abspath $<) $@
313
314EXTRA_BUILDDEPS += $(RUN_SCRIPT)
315
316# Create a script to stop all stale emulators.
317$(STOP_SCRIPT):
318	@echo generating $@
319	@echo "#!/bin/sh" >$@
320	@echo 'killall qemu-system-aarch64' >>$@
321	@chmod +x $@
322
323EXTRA_BUILDDEPS += $(STOP_SCRIPT)
324
325ifeq (true,$(call TOBOOL,$(PACKAGE_QEMU_TRUSTY)))
326
327# Files & directories to copy into QEMU package archive
328QEMU_PACKAGE_FILES := \
329	$(OUTBIN) $(QEMU_SCRIPTS) $(PY3_CMD) $(QEMU_CONFIG) $(RPMB_DEV) \
330	$(RUN_SCRIPT) $(STOP_SCRIPT) \
331	$(QEMU_BIN) $(ATF_BIN) $(ATF_SYMLINKS) \
332	$(ATF_OUT_DIR)/RPMB_DATA $(ATF_OUT_COPIED_FILES) $(LINUX_IMAGE) \
333
334ifneq (true,$(call TOBOOL,$(PACKAGE_QEMU_WITHOUT_ANDROID)))
335# The Android prebuilts are pretty large and not all users need them
336QEMU_PACKAGE_FILES += $(ANDROID_OUT_BUILD_DIR)
337endif
338
339# Other files/directories that should be included in the package but which are
340# not make targets and therefore cannot be pre-requisites. The target that
341# creates these files must be in the QEMU_PACKAGE_FILES variable.
342QEMU_PACKAGE_EXTRA_FILES := \
343	$(LINUX_BUILD_DIR)/scripts \
344	$(QEMU_BUILD_BASE) $(ATF_EXTRA_BINS) \
345
346QEMU_PACKAGE_ARCHIVE := $(BUILDDIR)/trusty_qemu_package.zip
347
348include project/qemu-package-inc.mk
349endif
350
351ifeq (true,$(call TOBOOL,$(PACKAGE_TRUSTY_IMAGES)))
352
353# Files & directories to copy into Trusty image archive for use with QEMU
354# emulator. This does not include the QEMU emulator itself, which is located in
355# prebuilts/android-emulator/trusty-x86_64/ and part of the trusty qemu device
356# host package built in AOSP.
357QEMU_PACKAGE_FILES := \
358	$(OUTBIN) $(QEMU_SCRIPTS) $(PY3_CMD) \
359	$(STOP_SCRIPT) \
360	$(ATF_BIN) $(ATF_SYMLINKS) $(TEST_RUNNER_BIN) \
361	$(ATF_OUT_DIR)/RPMB_DATA $(ATF_OUT_COPIED_FILES) \
362
363# Other files/directories that should be included in the package but which are
364# not make targets and therefore cannot be pre-requisites. The target that
365# creates these files must be in the QEMU_PACKAGE_FILES variable.
366QEMU_PACKAGE_EXTRA_FILES := \
367	$(ATF_EXTRA_BINS) \
368
369QEMU_PACKAGE_ARCHIVE := $(BUILDDIR)/trusty_image_package.tar.gz
370
371include project/qemu-package-inc.mk
372endif
373
374ANDROID_OUT_FILES :=
375ANDROID_OUT_BUILD_DIR :=
376ANDROID_OUT_SRC_DIR :=
377ANDROID_OUT_SRC_FILES :=
378ATF_BIN :=
379ATF_BUILD_BASE :=
380ATF_EXTRA_BINS :=
381ATF_OUT_COPIED_FILES :=
382ATF_OUT_DIR :=
383ATF_RELATIVE_TO_BUILD_BASE :=
384ATF_SYMLINKS :=
385LINUX_ARCH :=
386LINUX_BUILD_DIR :=
387LINUX_IMAGE :=
388LINUX_RAMDISK_IMAGE :=
389RUN_SCRIPT :=
390TEST_RUNNER_BIN :=
391QEMU_BIN :=
392QEMU_BUILD_BASE :=
393QEMU_CONFIG :=
394QEMU_ERROR_PY :=
395QEMU_OPTIONS_PY :=
396QEMU_LLDB_SUPPORT_PY :=
397QEMU_LLDBINIT :=
398QEMU_PREBUILTS :=
399QEMU_PY :=
400QEMU_SCRIPTS :=
401PY3_CMD :=
402RUN_PY :=
403