From 018bdf7f71e85d585d358f1d481b0061278a94b0 Mon Sep 17 00:00:00 2001
From: Jens Wiklander
Date: Fri, 3 Jan 2025 15:35:22 +0100
Subject: [PATCH 1/2] qemu_v8: add Trusted Services support

Add support for building the SPMC test Secure Partitions (SPs) implemented by the Trusted Services project. The build system is configured to build SPs with SEL0_SPS=y:
- the SPs are embedded into the OP-TEE binary
- the ffa_spmc testsuite is enabled in in xtest
- the out-of-tree linux-arm-ffa-user kernel module is build
- a S30test-arm-ffa-user init-script loads the kernel module during boot

Signed-off-by: Jens Wiklander
---
 .../optee_test_ext/S30test-arm-ffa-user | 42 +++++++++++++++++++
 .../package/optee_test_ext/optee_test_ext.mk | 5 +++
 qemu_v8.mk | 37 ++++++++++++++--
 3 files changed, 81 insertions(+), 3 deletions(-)
 create mode 100644 br-ext/package/optee_test_ext/S30test-arm-ffa-user

diff --git a/br-ext/package/optee_test_ext/S30test-arm-ffa-user b/br-ext/package/optee_test_ext/S30test-arm-ffa-user
new file mode 100644
index 00000000..c5b8a08b
--- /dev/null
+++ b/br-ext/package/optee_test_ext/S30test-arm-ffa-user
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+ARM_FFA_USER_DIR=/mnt/host/out/linux-arm-ffa-user
+
+start() {
+ if [ -x $ARM_FFA_USER_DIR/load_module.sh ]; then
+ if ! grep -qs arm_ffa_user /proc/modules; then
+ echo "Loading arm-ffa-user kernel module"
+ $ARM_FFA_USER_DIR/load_module.sh
+ fi
+ fi
+
+ return $?
+}
+
+stop() {
+ if [ -x $ARM_FFA_USER_DIR/load_module.sh ]; then
+ if grep -qs arm_ffa_user /proc/modules; then
+ echo "Unloading arm-ffa-user kernel module"
+ rmmod arm-ffa-user
+ fi
+ fi
+
+ return $?
+}
+
+restart() {
+ stop
+ sleep 1
+ start
+}
+
+case "$1" in
+ start|stop|restart)
+ "$1";;
+ reload)
+ # Restart, since there is no "reload" feature
+ restart;;
+ *)
+ echo "Usage: $0 {start|stop|restart|reload}"
+ exit 1
+esac
diff --git a/br-ext/package/optee_test_ext/optee_test_ext.mk b/br-ext/package/optee_test_ext/optee_test_ext.mk
index 4962496e..c978d2cd 100644
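Review bot: In `stop()` the unload is gated on `[ -x $ARM_FFA_USER_DIR/load_module.sh ]`, so a loaded arm_ffa_user module is left in place whenever the host share is missing or unmounted at shutdown; the `/proc/modules` check alone is the condition that matters there, so the outer `if` in `stop()` can be dropped. In `start()` the script path is expanded unquoted in both the test and the call; `"$ARM_FFA_USER_DIR/load_module.sh"` is the safer form. A header comment such as `# Loads the out-of-tree arm-ffa-user module from the host share; no-op when the share is absent` would also help, since `start` silently succeeds in that case.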
--- a/br-ext/package/optee_test_ext/optee_test_ext.mk +++ b/br-ext/package/optee_test_ext/optee_test_ext.mk @@ -23,6 +23,11 @@ ifneq ($(BR2_PACKAGE_OPTEE_TEST_EXT_WITH_CXX_TESTS),) TARGET_CONFIGURE_OPTS += WITH_CXX_TESTS=$(BR2_PACKAGE_OPTEE_TEST_EXT_WITH_CXX_TESTS) endif +define OPTEE_TEST_EXT_INSTALL_INIT_SYSV + $(INSTALL) -m 0755 -D $(OPTEE_TEST_EXT_PKGDIR)/S30test-arm-ffa-user \ + $(TARGET_DIR)/etc/init.d/S30test-arm-ffa-user +endef + define OPTEE_TEST_EXT_PREPARE_GP_SUITE sh $(@D)/host/xtest/gp/prepare_suite.sh $(@D) \ $(BR2_PACKAGE_OPTEE_TEST_EXT_GP_PACKAGE) diff --git a/qemu_v8.mk b/qemu_v8.mk index 0b7c778e..1fa06b75 100644 --- a/qemu_v8.mk +++ b/qemu_v8.mk @@ -38,13 +38,23 @@ endif # Enable fTPM MEASURED_BOOT_FTPM ?= y -include common.mk - DEBUG ?= 1 # Option to build with GICV3 enabled GICV3 ?= y + +SEL0_SPS ?= n +ifeq ($(SEL0_SPS),y) +SPMC_AT_EL = 1 +ifneq ($(SPMC_AT_EL),1) +$(error Unsupported SPMC_AT_EL value $(SPMC_AT_EL) for SEL0_SPS=y) +endif +# Needed for arm-ffa-user.ko +QEMU_VIRTFS_AUTOMOUNT = y +LINUX_COMMON_TARGETS += modules +endif + # Option to configure FF-A and SPM: # n: disabled # 3: SPMC and SPMD at EL3 (in TF-A) @@ -61,11 +71,14 @@ PAUTH ?= n # Option to configure Memory Tagging Extension MEMTAG ?= n +include common.mk + ################################################################################ # Paths to git projects and various binaries ################################################################################ TF_A_PATH ?= $(ROOT)/trusted-firmware-a -BINARIES_PATH ?= $(ROOT)/out/bin +OUT_PATH ?= $(ROOT)/out +BINARIES_PATH ?= $(OUT_PATH)/bin QEMU_PATH ?= $(ROOT)/qemu QEMU_BUILD ?= $(QEMU_PATH)/build MODULE_OUTPUT ?= $(ROOT)/out/kernel_modules 
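Review bot: `OPTEE_TEST_EXT_INSTALL_INIT_SYSV` is defined outside any conditional (the preceding `endif` closes the `ifneq`), so every image that builds this package gets `/etc/init.d/S30test-arm-ffa-user`, not only SEL0_SPS=y builds. That script runs `load_module.sh` from `/mnt/host/out/linux-arm-ffa-user` during boot, which means anything executable at that path on the host share runs with init's privileges in the guest. For a QEMU test image that is probably acceptable, but it should be stated: a comment such as `# Test-only: executes a script from the host virtfs share at boot` above the define, and, if the package exposes a suitable option, installing the script only when the FF-A tests are enabled.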
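Review bot: With `SEL0_SPS=y` the block forces `QEMU_VIRTFS_AUTOMOUNT = y` with a plain `=`, so a value taken from the environment is silently replaced and a host directory ends up mounted in the guest as a side effect of enabling the SPs; the `# Needed for arm-ffa-user.ko` comment could say that explicitly. The `ifneq ($(SPMC_AT_EL),1)` guard directly follows `SPMC_AT_EL = 1`, so it can only trigger for a command-line override. A one-line comment such as `# Fires only if SPMC_AT_EL is overridden on the make command line` would stop a later reader from deleting it as dead code.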
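Review bot: `OUT_PATH` is introduced here but the context line `MODULE_OUTPUT ?= $(ROOT)/out/kernel_modules` still spells out `$(ROOT)/out`, so overriding `OUT_PATH` moves the binaries but not the kernel modules; `MODULE_OUTPUT ?= $(OUT_PATH)/kernel_modules` would keep them together. The init script added in this patch hard-codes `/mnt/host/out/linux-arm-ffa-user` in the guest, which presumably corresponds to the default `$(ROOT)/out` on the host, so an overridden `OUT_PATH` would likely need that path adjusted as well. A comment next to `OUT_PATH ?=` noting the coupling would be enough.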
@@ -348,6 +361,24 @@ LINUX_CLEANER_COMMON_FLAGS += ARCH=arm64 linux-cleaner: linux-cleaner-common +################################################################################ +# Trusted Services +################################################################################ +ifeq ($(SEL0_SPS),y) +SP_PACKAGING_METHOD = embedded +SPMC_TESTS=y +include trusted-services.mk + +# SPMC test SPs +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_SPMC_TESTS=y CFG_SECURE_PARTITION=y +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_SP_SKIP_FAILED=y +OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_DT=y CFG_MAP_EXT_DT_SECURE=y +$(eval $(call build-sp,spm-test1,opteesp,5c9edbc3-7b3a-4367-9f83-7c191ae86a37,$(SP_SPMC_TEST_EXTRA_FLAGS))) +$(eval $(call build-sp,spm-test2,opteesp,7817164c-c40c-4d1a-867a-9bb2278cf41a,$(SP_SPMC_TEST_EXTRA_FLAGS))) +$(eval $(call build-sp,spm-test3,opteesp,23eb0100-e32a-4497-9052-2f11e584afa6,$(SP_SPMC_TEST_EXTRA_FLAGS))) +$(eval $(call build-sp,spm-test4,opteesp,423762ed-7772-406f-99d8-0c27da0abbf8,$(SP_SPMC_TEST_EXTRA_FLAGS))) +endif + ################################################################################ # OP-TEE ################################################################################ From cfc55eae5f26da7a134e25b00fc38266d3d14d16 Mon Sep 17 00:00:00 2001 From: Jens Wiklander Date: Wed, 8 Jan 2025 16:58:18 +0100 Subject: [PATCH 2/2] [review] qemu_v8: add Trusted Services support Adding DCFG_TEST_MEM_REGION_ADDRESS Signed-off-by: Jens Wiklander --- qemu_v8.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/qemu_v8.mk b/qemu_v8.mk index 1fa06b75..f28b8f2c 100644 --- a/qemu_v8.mk +++ b/qemu_v8.mk 
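Review bot: `CFG_SP_SKIP_FAILED=y` is added without a comment; judging by the name it lets OP-TEE carry on when a secure partition fails to load, which in a test configuration can turn a broken SP into a later, less obvious xtest failure. If one of the spm-test SPs is expected to fail, say so above the line, e.g. `# <reason SP load failures are tolerated in this test setup>`. At this commit `$(SP_SPMC_TEST_EXTRA_FLAGS)` is not assigned anywhere in the visible lines, so it expands to empty unless `trusted-services.mk` sets it. The four `build-sp` lines differ only in name and UUID, and a short comment naming where the UUIDs come from (presumably the SP manifests) would help whoever updates them.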
@@ -373,6 +373,7 @@ include trusted-services.mk
 OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_SPMC_TESTS=y CFG_SECURE_PARTITION=y
 OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_SP_SKIP_FAILED=y
 OPTEE_OS_COMMON_EXTRA_FLAGS += CFG_DT=y CFG_MAP_EXT_DT_SECURE=y
+SP_SPMC_TEST_EXTRA_FLAGS += -DCFG_TEST_MEM_REGION_ADDRESS=0x0efff000
 $(eval $(call build-sp,spm-test1,opteesp,5c9edbc3-7b3a-4367-9f83-7c191ae86a37,$(SP_SPMC_TEST_EXTRA_FLAGS)))
 $(eval $(call build-sp,spm-test2,opteesp,7817164c-c40c-4d1a-867a-9bb2278cf41a,$(SP_SPMC_TEST_EXTRA_FLAGS)))
 $(eval $(call build-sp,spm-test3,opteesp,23eb0100-e32a-4497-9052-2f11e584afa6,$(SP_SPMC_TEST_EXTRA_FLAGS)))
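Review bot: `-DCFG_TEST_MEM_REGION_ADDRESS=0x0efff000` is a bare address with no indication of which region of the platform memory map it names or who else may use it; if it falls inside memory the secure world already owns, the SP tests and OP-TEE would be sharing a page. I would give it a name and a comment, `SPMC_TEST_MEM_REGION_ADDRESS ?= 0x0efff000` with `# <which region this is and why it is safe for the SPMC tests>` above it, then `SP_SPMC_TEST_EXTRA_FLAGS += -DCFG_TEST_MEM_REGION_ADDRESS=$(SPMC_TEST_MEM_REGION_ADDRESS)`. The `+=` has to stay ahead of the `build-sp` evals because their arguments are expanded at call time, and it does; the fourth eval and the closing `endif` are outside this hunk.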