Lines Matching +full:secure +full:- +full:firmware

1 Board qemu_arm_vexpress_tz builds a QEMU ARMv7-A target system with
2 OP-TEE running in the TrustZone secure world and a Linux based
3 OS running in the non-secure world. The board configuration enables
9 The BIOS used in the QEMU host is the ARM Trusted Firmware-A (TF-A).
10 In our configuration, U-Boot uses QEMU semihosting file access to load the
14   cd output/images && ../host/bin/qemu-system-arm \
15 	-machine virt -machine secure=on -cpu cortex-a15 \
16 	-smp 1 -s -m 1024 -d unimp \
17 	-serial stdio \
18 	-netdev user,id=vmnic -device virtio-net-device,netdev=vmnic \
19 	-semihosting-config enable,target=native \
20 	-bios flash.bin # qemu_arm_vexpress_tz_defconfig
25 If you want to emulate more cores, use "-smp {1|2|3|4}" to select the
28 Note: "-netdev user,id=vmnic -device virtio-net-device,netdev=vmnic"
29 brings network support that is used i.e. in OP-TEE regression tests.
32 -- Boot Details --
34 TF-A is used as QEMU BIOS. Its BL1 image boots and load its BL2 image. In turn,
35 this image loads the OP-TEE secure world (ARMv7-A BL32 stage) and the U-boot as
36 non-secure bootloader (BL33 stage).
38 QEMU natively hosts and loads in RAM the QEMU ARM target device tree. OP-TEE
39 reads and modifies its content according to OP-TEE configuration.
41 Enable TF-A traces from LOG_LEVEL (I.e LOG_LEVEL=40) from
45 -- OP-TEE Traces --
47 Secure boot stages and/or secure runtime services may use a serial link for
50 The ARM Trusted Firmware outputs its traces on the QEMU standard (first)
53 The OP-TEE OS uses the QEMU second serial interface.
55 To get the OP-TEE OS traces, append a second -serial argument after
56 -serial stdio in the QEMU command line. I.e, the following enables 2 serial
59   cd output/images && ../host/bin/qemu-system-arm \
60 	-machine virt -machine secure=on -cpu cortex-a15 \
61 	-smp 1 -s -m 1024 -d unimp \
62 	-serial telnet:127.0.0.1:1235,server \
63 	-serial telnet:127.0.0.1:1236,server \
64 	-netdev user,id=vmnic -device virtio-net-device,netdev=vmnic \
65 	-semihosting-config enable,target=native \
66 	-bios flash.bin
69 telnet connection on the port for the U-boot and Linux consoles:
73 and again for the secure console
78 -- Using gdb --
80 One can debug the OP-TEE secure world using GDB through the QEMU host.
81 To do so, simply run the qemu-system-arm emulation, then run a GDB client
85 host computer. We use option -S of qemu-system-arm to make QEMU
89   cd output/images && ../host/bin/qemu-system-arm \
90 	-machine virt -machine secure=on -cpu cortex-a15 \
91 	-smp 1 -s -m 1024 -d unimp \
92 	-serial stdio \
93 	-netdev user,id=vmnic -device virtio-net-device,netdev=vmnic \
94 	-semihosting-config enable,target=native \
95 	-bios flash.bin \
96 	-S
99   ./output/host/bin/arm-linux-gdb
100 …GNU gdb (GNU Toolchain for the A-profile Architecture 8.2-2018-08 (arm-rel-8.23)) 8.1.1.20180704-g…
107 From this GDB console, connect to the target, load the OP-TEE core symbols,
111   (gdb) symbol-file ./output/build/optee-os-<reference>/out/core/tee.elf
122 Emulation has started, TF-A has loaded OP-TEE and U-boot images in memory and
123 has booted OP-TEE. Emulation stopped at OP-TEE core entry.
126 qemu-system-arm command line option -s.