1--- 2permalink: /trustzone-sdk-docs/getting-started-with-optee-for-qemu-armv8 3--- 4 5# Getting Started with OP-TEE for QEMU ARMv8 6 7This tutorial summarizes the necessary steps of preparing an OP-TEE enabled 8QEMU environment and executing the compiled programs of our SDK. You may also 9check [OP-TEE documentation](https://optee.readthedocs.io/en/latest/building/devices/qemu.html#qemu-v8) 10to find more information about setting up the QEMU or introduction of OP-TEE 11project. 12 13To run examples on the QEMU ARMv8 emulator, we need first build OP-TEE for QEMU 14ARMv8. You can install dependencies with this 15[instruction](https://optee.readthedocs.io/en/latest/building/prerequisites.html) 16or use our [Dockerfile](https://github.com/apache/incubator-teaclave-trustzone-sdk/blob/master/Dockerfile). 17 18Download OP-TEE for QEMU ARMv8 source code. 19 20```sh 21$ mkdir -p ~/bin 22$ curl https://storage.googleapis.com/git-repo-downloads/repo-1 > ~/bin/repo && chmod a+x ~/bin/repo 23$ export PATH=~/bin:$PATH 24$ mkdir optee-qemuv8-3.14.0 && cd optee-qemuv8-3.14.0 && \ 25 repo init -u https://github.com/OP-TEE/manifest.git -m qemu_v8.xml -b 3.14.0 && \ 26 repo sync -j4 --no-clone-bundle 27``` 28 29Build OP-TEE for QEMU ARMv8 and images. 30 31```sh 32$ cd build 33$ make -j2 toolchains && \ 34 make QEMU_VIRTFS_ENABLE=y CFG_TEE_RAM_VA_SIZE=0x00300000 35``` 36 37Create a shared folder to share example host apps and TAs with QEMU guest system. 38 39Note: the path `/project/root/dir/` should be replaced as the root directory of your local project "rust-optee-trustzone-sdk". 40```sh 41$ mkdir shared_folder 42$ (cd /project/root/dir/ && make examples-install) 43$ cp -r /project/root/dir/out/* shared_folder/ 44``` 45 46Run QEMU. 47 48```sh 49$ make run-only QEMU_VIRTFS_ENABLE=y QEMU_VIRTFS_HOST_DIR=$(pwd)/shared_folder 50``` 51 52After the QEMU has been booted, you need to mount the shared folder in QEMU guest system (username: root), in order to access the compiled CA/TA from QEMU. 53 54```sh 55$ mkdir shared && mount -t 9p -o trans=virtio host shared 56``` 57 58Also, the passed-in TA should be copied to the corresponding directory for the secure-world to execute. 59 60```sh 61$ cd shared && cp ta/*.ta /lib/optee_armtz/ 62``` 63 64Execute host apps. 65 66```sh 67$ cd host 68$ ./hello_world 69original value is 29 70inc value is 129 71dec value is 29 72Success 73``` 74 75Note that if you are under a environment without GUI, you please comment out the following code in `qemu_v8.mk` and use `nc` instead. 76 77``` 78diff --git a/qemu_v8.mk b/qemu_v8.mk 79index 8271590..1c4a91b 100644 80--- a/qemu_v8.mk 81+++ b/qemu_v8.mk 82@@ -163,9 +163,9 @@ run-only: 83 ln -sf $(ROOT)/out-br/images/rootfs.cpio.gz $(BINARIES_PATH)/ 84 $(call check-terminal) 85 $(call run-help) 86- $(call launch-terminal,54320,"Normal World") 87- $(call launch-terminal,54321,"Secure World") 88- $(call wait-for-ports,54320,54321) 89+ # $(call launch-terminal,54320,"Normal World") 90+ # $(call launch-terminal,54321,"Secure World") 91+ # $(call wait-for-ports,54320,54321) 92 cd $(BINARIES_PATH) && $(QEMU_PATH)/aarch64-softmmu/qemu-system-aarch64 \ 93 -nographic \ 94 -serial tcp:localhost:54320 -serial tcp:localhost:54321 \ 95``` 96 97Before start QEMU, run two `nc` to listen port `54320` and `54321`. 98 99``` 100$ nc -l 127.0.0.1 -p 54320 101$ nc -l 127.0.0.1 -p 54321 102``` 103 104Then open QEMU by `make run-only`, and start by input `c`. 105