├── Dockerfile ├── README.md ├── launch_optee.sh └── run.sh /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:22.04 2 | MAINTAINER Joakim Bech (joakim.bech@linaro.org) 3 | 4 | ENV DEBIAN_FRONTEND noninteractive 5 | 6 | ENV TZ=Europe/Stockholm 7 | 8 | RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone 9 | 10 | RUN apt-get update 11 | 12 | RUN apt-get -y --allow-downgrades --allow-remove-essential --allow-change-held-packages install apt-utils 13 | 14 | RUN apt-get -y --allow-downgrades --allow-remove-essential --allow-change-held-packages install \ 15 | adb \ 16 | acpica-tools \ 17 | autoconf \ 18 | automake \ 19 | bc \ 20 | bison \ 21 | build-essential \ 22 | ccache \ 23 | cscope \ 24 | curl \ 25 | device-tree-compiler \ 26 | expect \ 27 | fastboot \ 28 | flex \ 29 | ftp-upload \ 30 | gdisk \ 31 | libattr1-dev \ 32 | libcap-dev \ 33 | libcap-ng-dev \ 34 | libfdt-dev \ 35 | libftdi-dev \ 36 | libglib2.0-dev \ 37 | libgmp3-dev \ 38 | libhidapi-dev \ 39 | libmpc-dev \ 40 | libncurses5-dev \ 41 | libpixman-1-dev \ 42 | libssl-dev \ 43 | libtool \ 44 | make \ 45 | mtools \ 46 | netcat \ 47 | ninja-build \ 48 | python3-cryptography \ 49 | python3-pip \ 50 | python3-pyelftools \ 51 | python3-serial \ 52 | python-is-python3 \ 53 | rsync \ 54 | unzip \ 55 | uuid-dev \ 56 | vim \ 57 | xdg-utils \ 58 | xterm \ 59 | xz-utils \ 60 | zlib1g-dev \ 61 | # extra for Docker only \ 62 | curl \ 63 | cpio \ 64 | git \ 65 | wget 66 | 67 | # Download repo 68 | RUN curl https://storage.googleapis.com/git-repo-downloads/repo > /bin/repo 69 | RUN chmod a+x /bin/repo 70 | 71 | # Exchange 1000 to the user id of the current user 72 | RUN useradd --shell /bin/bash -u 1000 -o -c "" -m optee 73 | RUN echo 'optee:optee' | chpasswd 74 | 75 | RUN mkdir -p /home/optee/qemu-optee 76 | 77 | ADD launch_optee.sh /home/optee/qemu-optee/launch_optee.sh 78 | RUN chown -R optee:optee /home/optee/qemu-optee 79 | 80 | # Set the locale 81 | RUN apt-get -y --allow-downgrades --allow-remove-essential --allow-change-held-packages install locales 82 | RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && locale-gen 83 | ENV LANG en_US.UTF-8 84 | ENV LANGUAGE en_US:en 85 | ENV LC_ALL en_US.UTF-8 86 | 87 | RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 88 | 89 | USER optee 90 | 91 | env USE_CCACHE=1 92 | env CCACHE_DIR=/home/optee/.ccache 93 | env CCACHE_UMASK=002 94 | 95 | RUN mkdir -p /home/optee/buildroot_dl 96 | env BR2_DL_DIR=/home/optee/buildroot_dl 97 | 98 | # Configure git so repo won't complain later on 99 | RUN git config --global user.name "OP-TEE" 100 | RUN git config --global user.email "op-tee@linaro.org" 101 | 102 | env TERM=rxvt-256color 103 | 104 | WORKDIR /home/optee/qemu-optee 105 | 106 | RUN chmod a+x launch_optee.sh 107 | 108 | WORKDIR /home/optee/qemu-optee 109 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Dockerfile for OP-TEE 2 | ===================== 3 | 4 | With this Dockerfile, you can quickly and easy test OP-TEE on your local 5 | desktop. The steps to create the Docker image is as follows: 6 | 7 | ```bash 8 | $ git clone 9 | $ cd 10 | $ docker build -t optee . 11 | ``` 12 | It will take ~30 minutes or so to download everything, this is highly dependant 13 | on the speed to your ISP. Note that when repo are synching, it looks like 14 | nothing happens, but indeed it does, so just relax and let it work until done. 15 | 16 | When all is done, you'll have a Docker image based on Ubuntu containing OP-TEE 17 | with all source code and toolchains necessary to build and test it out. Since 18 | the test spawns new `xterm` windows, we need to provide some extra parameters 19 | when running the Docker container. To run it, simply type: 20 | 21 | ```bash 22 | $ docker run -it -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix optee 23 | ``` 24 | 25 | In case it still doesn't work, you can grant X11 access to anyone by running `$ 26 | xhost +`, however, be **really** careful when doing so since, you basically open 27 | up to open any X11 window on you machine. 28 | 29 | If you detach from that container and later on need to attach to it again, you 30 | will need to type: 31 | 32 | ```bash 33 | # First find the name of the container, "silly_bhaskara" in my case. 34 | $ docker ps -a 35 | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 36 | 552fbaee5d73 optee "/bin/bash" 4 hours ago silly_bhaskara 37 | 38 | # If not already running, you need to start the container. 39 | $ docker start silly_bhaskara 40 | 41 | # Finally re-attach to the running container 42 | $ docker attach silly_bhaskara 43 | ``` 44 | -------------------------------------------------------------------------------- /launch_optee.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | echo "This will take some time, since it's cloning lots of code ..." 3 | yes "" | repo init -u https://github.com/OP-TEE/manifest.git 4 | repo sync -j6 5 | 6 | echo "Now do this:" 7 | echo " cd build" 8 | echo " make -j2 toolchains && time nice -n 19 make -j`nproc` run" 9 | -------------------------------------------------------------------------------- /run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | IMAGE=$1 4 | 5 | export GID=$(id -g) 6 | 7 | docker run -it \ 8 | -e DISPLAY=$DISPLAY \ 9 | --user optee:$GID \ 10 | -v /tmp/.X11-unix:/tmp/.X11-unix \ 11 | $IMAGE 12 | --------------------------------------------------------------------------------