This is an automated email from the ASF dual-hosted git repository.
ivila pushed a commit to branch main
in repository
https://gitbox.apache.org/repos/asf/incubator-teaclave-trustzone-sdk.git
The following commit(s) were added to refs/heads/main by this push:
new fb30450 ci: add arm64 platform
fb30450 is described below
commit fb30450e7a7426b4bd138c54c3e851b1fc38ca5d
Author: ivila <[email protected]>
AuthorDate: Mon Apr 14 17:22:17 2025 +0800
ci: add arm64 platform
Signed-off-by: Zehui Chen <[email protected]>
Acked-by: Yuan Zhuang <[email protected]>
---
.github/workflows/ci.yml | 227 +++------------------------
.github/workflows/{ci.yml => reuse_test.yml} | 91 ++++-------
ci/ci.sh | 25 +--
setup_std_dependencies.sh | 4 +-
tests/optee-qemuv8.sh | 7 +-
tests/setup.sh | 6 +-
tests/test_secure_db_abstraction.sh | 5 +-
tests/test_secure_storage.sh | 5 +-
8 files changed, 82 insertions(+), 288 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 11cf899..a0e4a8e 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -16,220 +16,31 @@
# under the License.
name: CI
+
on: [push, pull_request]
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: true
+
defaults:
run:
shell: bash
jobs:
- # Cross-compile for ARM64 on an AMD64 host and run unit-tests of (optee-utee
- # and optee-teec) on AMD64 host.
- build-utee-teec:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
- steps:
- - name: Checkout repository
- uses: actions/checkout@v2
- - name: Building
- run: |
- # Setup Rust and toolchains
- ./setup.sh
- source "$HOME/.cargo/env"
-
- # Build optee_os and optee_client for qemu_v8
- ./build_optee_libraries.sh $HOME
-
- # Setup environment
- export OPTEE_DIR=$HOME
- source environment
-
- # Run unit tests
- (cd optee-utee && SYS_BUILD_TYPE=unit_test cargo test --lib
--features no_panic_handler -vv)
- (cd optee-teec && SYS_BUILD_TYPE=unit_test cargo test --lib -vv)
- (cd optee-utee-build && cargo test -vv)
-
- # Build Rust optee-utee and optee-teec
- (cd optee-utee && cargo build --target aarch64-unknown-linux-gnu -vv)
- (cd optee-teec && cargo build --target aarch64-unknown-linux-gnu -vv)
-
- # Cross-compile on AMD64 and run tests in QEMU
- #
- # Cross-compile target pairs:
- # - (arm32 host, arm32 ta)
- # - (arm32 host, arm64 ta)
- # - (arm64 host, arm32 ta)
- # - (arm64 host, arm64 ta)
- #
- # Run tests target: (arm64 host, arm64 ta)
- build-and-test-examples:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
- steps:
- - name: Checkout repository
- uses: actions/checkout@v2
- - name: Building
- run: |
- # Setup Rust and toolchains
- ./setup.sh
- source "$HOME/.cargo/env"
-
- # Build optee_os and optee_client for qemu_v8
- ./build_optee_libraries.sh $HOME
- export OPTEE_DIR=$HOME
-
- # Build OP-TEE Rust examples for Arm 32-bit both host and TA
- export ARCH_HOST=arm
- export ARCH_TA=arm
- source environment
- make -j`nproc`
-
- # Build OP-TEE Rust examples for Arm 32-bit host and 64-bit TA
- export ARCH_HOST=arm
- unset ARCH_TA
- source environment
- make clean && make -j`nproc`
-
- # Build OP-TEE Rust examples for Arm 64-bit host and 32-bit TA
- unset ARCH_HOST
- export ARCH_TA=arm
- source environment
- make clean && make -j`nproc`
-
- # Build OP-TEE Rust examples for Arm 64-bit both host and TA
- unset ARCH_TA
- unset ARCH_HOST
- source environment
- make clean && make -j`nproc`
- - name: Run tests for Arm 64-bit both host and TA
- run: |
- source environment
- (cd ci && ./ci.sh)
-
- # Cross-compile for ARM64 on AMD64 and run tests in QEMU
- build-and-test-examples-for-64bit-std-TAs:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
- steps:
- - name: Checkout repository
- uses: actions/checkout@v2
- - name: Building Arm 64-bit both host and TA (with STD enabled)
- run: |
- # Setup Rust and toolchains
- ./setup.sh
- source "$HOME/.cargo/env"
-
- # Setup std dependencies
- ./setup_std_dependencies.sh
-
- # Build optee_os and optee_client for qemu_v8
- ./build_optee_libraries.sh $HOME
-
- # Setup environment
- export OPTEE_DIR=$HOME
- export STD=y
- source environment
-
- # Build OP-TEE Rust examples for Arm 64-bit both host and TA
- make -j2
-
- # Build project
- (cd projects/web3/eth_wallet && make)
- - name: Run tests for Arm 64-bit both host and TA
- run: |
- export STD=y
- source environment
- (cd ci && ./ci.sh)
-
- # Cross-compile for ARM32 on AMD64 and run tests in QEMU
- build-and-test-examples-for-32bit-std-TAs:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
- steps:
- - name: Checkout repository
- uses: actions/checkout@v2
- - name: Building Arm 64-bit both host and TA (with STD enabled)
- run: |
- # Setup Rust and toolchains
- ./setup.sh
- source "$HOME/.cargo/env"
-
- # Setup std dependencies
- ./setup_std_dependencies.sh
-
- # Build optee_os and optee_client for qemu_v8
- ./build_optee_libraries.sh $HOME
-
- # Setup environment
- export OPTEE_DIR=$HOME
- export ARCH_TA=arm
- export STD=y
- source environment
-
- # Build OP-TEE Rust examples for Arm 64-bit both host and TA
- make -j2
-
- # Build project
- (cd projects/web3/eth_wallet && make)
- - name: Run tests for Arm 32-bit both host and TA
- run: |
- export ARCH_TA=arm
- export STD=y
- source environment
- (cd ci && ./ci.sh)
-
- # Cross-compile for ARM64 on AMD64 and run tests in QEMU, use the check
script
- # in OP-TEE repo.
- OPTEE-repo-build-and-run-examples-64bit-TAs:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
- steps:
- - name: Remove /__t/*
- run: rm -rf /__t/*
- - name: Checkout repository
- uses: actions/checkout@v2
- with:
- submodules: recursive
- path: 'incubator-teaclave-trustzone-sdk'
- - name: Checkout OP-TEE repository
- run: |
- mkdir -p ~/optee-qemuv8 && cd ~/optee-qemuv8 &&
- repo init -u https://github.com/OP-TEE/manifest.git -m qemu_v8.xml &&
- repo sync -j4 --no-clone-bundle
- - name: Build images and run tests
- run: |
- cd ~/optee-qemuv8
- rm -rf optee_rust/ &&
- mv $GITHUB_WORKSPACE/incubator-teaclave-trustzone-sdk optee_rust/
- cd build &&
- make -j3 toolchains &&
- make -j`nproc` RUST_ENABLE=y check
-
- # Cross-compile for ARM32 on AMD64 and run tests in QEMU, use the check
script
- # in OP-TEE repo.
- OPTEE-repo-build-and-run-examples-32bit-TAs:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
- steps:
- - name: Remove /__t/*
- run: rm -rf /__t/*
- - name: Checkout repository
- uses: actions/checkout@v2
- with:
- submodules: recursive
- path: 'incubator-teaclave-trustzone-sdk'
- - name: Checkout OP-TEE repository
- run: |
- mkdir -p ~/optee-qemuv8 && cd ~/optee-qemuv8 &&
- repo init -u https://github.com/OP-TEE/manifest.git -m qemu_v8.xml &&
- repo sync -j4 --no-clone-bundle
- - name: Build images and run tests
- run: |
- cd ~/optee-qemuv8
- rm -rf optee_rust/ &&
- mv $GITHUB_WORKSPACE/incubator-teaclave-trustzone-sdk optee_rust/
- cd build &&
- make -j3 toolchains &&
- make -j`nproc` RUST_ENABLE=y COMPILE_S_USER=32 check
+ # Run test on AMD64 host
+ test-on-amd64-host:
+ uses: ./.github/workflows/reuse_test.yml
+ with:
+ runs-on: ubuntu-latest
+ container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
+
+ # Run test on ARM64 host
+ test-on-arm64-host:
+ uses: ./.github/workflows/reuse_test.yml
+ with:
+ runs-on: ubuntu-24.04-arm
+ container: ghcr.io/ivila/teaclave-trustzone-sdk-ci-runner:ubuntu-24.04
# Run systest of optee_teec and build systest of optee_utee on ARM64
systest:
diff --git a/.github/workflows/ci.yml b/.github/workflows/reuse_test.yml
similarity index 75%
copy from .github/workflows/ci.yml
copy to .github/workflows/reuse_test.yml
index 11cf899..a2c8c2c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/reuse_test.yml
@@ -15,21 +15,28 @@
# specific language governing permissions and limitations
# under the License.
-name: CI
-on: [push, pull_request]
+on:
+ workflow_call:
+ inputs:
+ runs-on:
+ required: true
+ type: string
+ container:
+ required: true
+ type: string
+
defaults:
run:
shell: bash
jobs:
- # Cross-compile for ARM64 on an AMD64 host and run unit-tests of (optee-utee
- # and optee-teec) on AMD64 host.
+ # Cross-compile and run unit-tests of (optee-utee and optee-teec) on host.
build-utee-teec:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
+ runs-on: ${{ inputs.runs-on }}
+ container: ${{ inputs.container }}
steps:
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v4
- name: Building
run: |
# Setup Rust and toolchains
@@ -52,7 +59,7 @@ jobs:
(cd optee-utee && cargo build --target aarch64-unknown-linux-gnu -vv)
(cd optee-teec && cargo build --target aarch64-unknown-linux-gnu -vv)
- # Cross-compile on AMD64 and run tests in QEMU
+ # Cross-compile on host and run tests in QEMU
#
# Cross-compile target pairs:
# - (arm32 host, arm32 ta)
@@ -62,11 +69,11 @@ jobs:
#
# Run tests target: (arm64 host, arm64 ta)
build-and-test-examples:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
+ runs-on: ${{ inputs.runs-on }}
+ container: ${{ inputs.container }}
steps:
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v4
- name: Building
run: |
# Setup Rust and toolchains
@@ -105,13 +112,13 @@ jobs:
source environment
(cd ci && ./ci.sh)
- # Cross-compile for ARM64 on AMD64 and run tests in QEMU
+ # Cross-compile for ARM64 on host and run tests in QEMU
build-and-test-examples-for-64bit-std-TAs:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
+ runs-on: ${{ inputs.runs-on }}
+ container: ${{ inputs.container }}
steps:
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v4
- name: Building Arm 64-bit both host and TA (with STD enabled)
run: |
# Setup Rust and toolchains
@@ -140,13 +147,13 @@ jobs:
source environment
(cd ci && ./ci.sh)
- # Cross-compile for ARM32 on AMD64 and run tests in QEMU
+ # Cross-compile for ARM32 on host and run tests in QEMU
build-and-test-examples-for-32bit-std-TAs:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
+ runs-on: ${{ inputs.runs-on }}
+ container: ${{ inputs.container }}
steps:
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v4
- name: Building Arm 64-bit both host and TA (with STD enabled)
run: |
# Setup Rust and toolchains
@@ -177,16 +184,16 @@ jobs:
source environment
(cd ci && ./ci.sh)
- # Cross-compile for ARM64 on AMD64 and run tests in QEMU, use the check
script
+ # Cross-compile for ARM64 on host and run tests in QEMU, use the check script
# in OP-TEE repo.
OPTEE-repo-build-and-run-examples-64bit-TAs:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
+ runs-on: ${{ inputs.runs-on }}
+ container: ${{ inputs.container }}
steps:
- name: Remove /__t/*
run: rm -rf /__t/*
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v4
with:
submodules: recursive
path: 'incubator-teaclave-trustzone-sdk'
@@ -204,16 +211,16 @@ jobs:
make -j3 toolchains &&
make -j`nproc` RUST_ENABLE=y check
- # Cross-compile for ARM32 on AMD64 and run tests in QEMU, use the check
script
+ # Cross-compile for ARM32 on host and run tests in QEMU, use the check script
# in OP-TEE repo.
OPTEE-repo-build-and-run-examples-32bit-TAs:
- runs-on: ubuntu-latest
- container: yuanz0/teaclave-trustzone-sdk:ubuntu-24.04
+ runs-on: ${{ inputs.runs-on }}
+ container: ${{ inputs.container }}
steps:
- name: Remove /__t/*
run: rm -rf /__t/*
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@v4
with:
submodules: recursive
path: 'incubator-teaclave-trustzone-sdk'
@@ -230,33 +237,3 @@ jobs:
cd build &&
make -j3 toolchains &&
make -j`nproc` RUST_ENABLE=y COMPILE_S_USER=32 check
-
- # Run systest of optee_teec and build systest of optee_utee on ARM64
- systest:
- runs-on: ubuntu-24.04-arm
- container: ghcr.io/ivila/teaclave-trustzone-sdk-ci-runner:ubuntu-24.04
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
-
- - name: Prepare Environment
- run: |
- # Setup Rust and toolchains
- ./setup.sh
- source "$HOME/.cargo/env"
- # Build optee_os and optee_client for qemu_v8
- ./build_optee_libraries.sh $HOME
- # Setup environment
- export OPTEE_DIR=$HOME
- source environment
- # Run systest
- export
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$OPTEE_DIR/optee_client/export_arm64/usr/lib
- (cd optee-teec && cargo run -p systest)
- (cd optee-utee && cargo build -p systest)
-
- license:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- - name: Check License Header
- uses:
apache/skywalking-eyes/header@501a28d2fb4a9b962661987e50cf0219631b32ff
diff --git a/ci/ci.sh b/ci/ci.sh
index 6016891..6f026bc 100755
--- a/ci/ci.sh
+++ b/ci/ci.sh
@@ -21,6 +21,20 @@ set -xe
pushd ../tests
+# Prioritize running specialized test suites first, as they have a higher
+# probability of detecting failures early in the pipeline.
+# Run std only tests
+if [ "$STD" ]; then
+ ./test_serde.sh
+ ./test_message_passing_interface.sh
+ ./test_tls_client.sh
+ ./test_tls_server.sh
+ ./test_eth_wallet.sh
+ ./test_secure_db_abstraction.sh
+else
+ ./test_mnist_rs.sh
+fi
+
./test_hello_world.sh
./test_random.sh
./test_secure_storage.sh
@@ -39,16 +53,5 @@ pushd ../tests
./test_udp_socket.sh
./test_client_pool.sh
-# Run std only tests
-if [ "$STD" ]; then
- ./test_serde.sh
- ./test_message_passing_interface.sh
- ./test_tls_client.sh
- ./test_tls_server.sh
- ./test_eth_wallet.sh
- ./test_secure_db_abstraction.sh
-else
- ./test_mnist_rs.sh
-fi
popd
diff --git a/setup_std_dependencies.sh b/setup_std_dependencies.sh
index 6f58681..ff2e210 100755
--- a/setup_std_dependencies.sh
+++ b/setup_std_dependencies.sh
@@ -24,8 +24,8 @@ set -xe
cd "$(dirname "$0")"
##########################################
-# install Xargo
-cargo +stable install xargo
+# install Xargo if not exist
+which xargo || cargo +stable install xargo
##########################################
# initialize submodules: rust / libc
diff --git a/tests/optee-qemuv8.sh b/tests/optee-qemuv8.sh
index 2a44e21..bd334f2 100755
--- a/tests/optee-qemuv8.sh
+++ b/tests/optee-qemuv8.sh
@@ -22,13 +22,14 @@ cd $1 && ./qemu-system-aarch64 \
-nographic \
-serial stdio -serial file:/tmp/serial.log \
-smp 2 \
- -s -machine virt,secure=on,gic-version=3 -cpu cortex-a57 \
+ -s -machine virt,secure=on,acpi=off,gic-version=3 \
+ -cpu cortex-a57 \
-d unimp -semihosting-config enable=on,target=native \
-m 1057 \
-bios bl1.bin \
-initrd rootfs.cpio.gz \
- -append 'console=ttyAMA0,38400 keep_bootcon root=/dev/vda2' \
- -kernel Image -no-acpi \
+ -append 'console=ttyAMA0,115200 keep_bootcon root=/dev/vda2' \
+ -kernel Image \
-fsdev local,id=fsdev0,path=$(pwd)/../shared,security_model=none \
-device virtio-9p-device,fsdev=fsdev0,mount_tag=host \
-netdev user,id=vmnic,hostfwd=:127.0.0.1:54433-:4433 \
diff --git a/tests/setup.sh b/tests/setup.sh
index 6e7329f..72598ac 100755
--- a/tests/setup.sh
+++ b/tests/setup.sh
@@ -23,7 +23,7 @@ set -xe
: ${NEED_EXPANDED_MEM:=false}
# Define IMG_VERSION
-IMG_VERSION="optee-qemuv8-4.2.0-ubuntu-24.04"
+IMG_VERSION="$(uname -m)-optee-qemuv8-ubuntu-24.04"
# Set IMG based on NEED_EXPANDED_MEM
if [ "$NEED_EXPANDED_MEM" = true ]; then
@@ -39,12 +39,12 @@ download_image() {
# Functions for running commands in QEMU screen
run_in_qemu() {
- screen -S qemu_screen -p 0 -X stuff "$1\n"
+ (screen -S qemu_screen -p 0 -X stuff "$1\n") || (echo "run_in_qemu '$1'
failed" && cat /tmp/serial.log)
sleep 5
}
run_in_qemu_with_timeout_secs() {
- screen -S qemu_screen -p 0 -X stuff "$1\n"
+ (screen -S qemu_screen -p 0 -X stuff "$1\n") || (echo "run_in_qemu '$1'
failed" && cat /tmp/serial.log)
sleep $2
}
diff --git a/tests/test_secure_db_abstraction.sh
b/tests/test_secure_db_abstraction.sh
index 6bb0637..db97190 100755
--- a/tests/test_secure_db_abstraction.sh
+++ b/tests/test_secure_db_abstraction.sh
@@ -28,7 +28,8 @@ cp
../examples/secure_db_abstraction-rs/host/target/$TARGET_HOST/release/secure_
# Run script specific commands in QEMU
run_in_qemu "cp *.ta /lib/optee_armtz/\n"
-run_in_qemu "./secure_db_abstraction-rs\n"
+# IO could be much slower than expected
+run_in_qemu_with_timeout_secs "./secure_db_abstraction-rs\n" 10
run_in_qemu "^C"
# Script specific checks
@@ -40,4 +41,4 @@ run_in_qemu "^C"
false
}
-rm screenlog.0
\ No newline at end of file
+rm screenlog.0
diff --git a/tests/test_secure_storage.sh b/tests/test_secure_storage.sh
index 7bf827f..e5d7e9b 100755
--- a/tests/test_secure_storage.sh
+++ b/tests/test_secure_storage.sh
@@ -28,7 +28,8 @@ cp
../examples/secure_storage-rs/host/target/$TARGET_HOST/release/secure_storage
# Run script specific commands in QEMU
run_in_qemu "cp *.ta /lib/optee_armtz/\n"
-run_in_qemu "./secure_storage-rs\n"
+# IO could be much slower than expected
+run_in_qemu_with_timeout_secs "./secure_storage-rs\n" 10
run_in_qemu "^C"
# Script specific checks
@@ -50,4 +51,4 @@ run_in_qemu "^C"
false
}
-rm screenlog.0
\ No newline at end of file
+rm screenlog.0
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
