Wednesday, 10 February 2016

How to set up and run OPTEE on QEMU

This is a tutorial on how to run Linaro's OPTEE Trusted Execution Environment on QEMU. I decided to write this post to help someone who might have trouble getting and building the correct versions. I had some trouble initially as well but with the help of Joakim Bech I was successful in building the right version and run my first secure application .Here are some pre-requisites.

1. Linux based machine.
2. Good internet plan
3. Some patience

Some Required Packages:

$ sudo apt-get install android-tools-fastboot autoconf bison cscope curl \ flex gdisk libc6:i386 libfdt-dev libglib2.0-dev \ libpixman-1-dev libstdc++6:i386 libz1:i386 netcat \ python-crypto python-serial uuid-dev xz-utils zlib1g-dev

$ sudo apt-get install ccache

We need to install the repo tool which is used by Android as well to make a central repo of the dependencies.
$ mkdir ~/bin
$ PATH=~/bin:$PATH
$ curl > ~/bin/repo
$ chmod a+x ~/bin/repo

Initialize and sync the repo
$ mkdir -p $HOME/devel/optee
$ cd $HOME/devel/optee
$ repo init -u -m default_stable.xml -b master
$ repo sync
This will take some time to finish depending on your internet speed, so sit back with a cup of coffee. Once this finishes we need to build the toolchains, I had some issues here so I will write my solution as well.
$ cd $HOME/devel/optee/build
$ make toolchains
If this step fails. For some reason it was unable to download the complete files for me so I will post the links where you can manually download the toolchains and paste them in the $HOME/devel/optee/toolchains folder, and I will also post my updated make file. Replace the existing from the build folder.
Updated make file:

Now, time to build!
$ cd $HOME/devel/optee/build
$ make all run

Congratulations, you have successfully built OPTEE, now you can start building applications for it, I will cover that in the next tutorial.