如何在QEMU中模拟TrustZone? [英] How to emulate TrustZone in QEMU?

问题描述

我正在尝试在Qemu中模拟TrustZone功能. 我发现似乎可以解释此过程的两个链接.

I'm trying to emulate TrustZone features in Qemu. I've found two links that seems explain this process.

第一参考未附加图片支持TrustZone的内核(在哪里可以找到它?)

The First Reference doesn't attach the image kernel that supports TrustZone (where can I find it?)

第二参考解释了如何编译内核，但是它并非以第一个网站中编写的命令行开头，如下所示:

The Second Reference explains how can I compile a kernel but it doesn't start with the command line written in the first website which is as follows

./arm-softmmu/qemu-system-arm -kernel $PATH_TO_KERNEL/zImage -M vexpress-a15 -cpu cortex-a15 -dtb PATH_TO_DTB/vexpress-v2p-ca15-tc1.dtb -m 1024 -append 'console=ttyAMA0,38400n8' -serial stdio -initrd $PATH_TO_INITRD/initrd.img

是否有另一种方法来运行TrustZone仿真器?

Is there an alternate way to run a TrustZone emulator?

推荐答案

使用 OP-TEE (开源TEE)，在QEMU上运行TrustZone非常容易.您拥有整个堆栈，从正常世界的用户空间到Linux内核，再到安全的世界，都在运行代码，同时运行TEE本身和受信任的应用程序. QEMU + OP-TEE在ARMv7-A和ARMv8-A上均可使用.如果您想在本地PC上试用，建议您转到 optee_os/README.md ，并按照第4.1节，第5节(仅与QEMU相关)和第6节中的说明进行操作.总而言之，我们在shell中讨论的命令少于10个，您将下载，编译所有源代码，并进行所有操作并在您的PC上本地运行.

With OP-TEE (an open source TEE) it's very easy to run TrustZone on QEMU. You have the entire stack running code from normal world user space and Linux kernel down to secure world, running both the TEE itself as well as Trusted Applications. QEMU + OP-TEE works on both ARMv7-A and ARMv8-A. If you want to try it out on a local PC I encourage that you head over to optee_os/README.md and follow the instructions in section 4.1, 5 (only QEMU related) and 6. All in all, we're talking about less than 10 commands in a shell and you'll have all the source code downloaded, compiled and everything up and running locally on your PC.

我写了博客文章关于为什么QEMU是进行TrustZone开发的不错选择的原因.

I wrote a blog post about why QEMU is a pretty good choice for doing TrustZone development.

这篇关于如何在QEMU中模拟TrustZone?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！