The Trusty repositories are available in the Android Open Source Project (AOSP).
Use these links to find the appropriate Trusty kernel branches in AOSP:
Installing Repo
To download Trusty, first download and install Repo.
After Repo has been successfully installed you can clone the Android Trusty repository.
mkdir trustycd trustyrepo init -u https://android.googlesource.com/trusty/manifest -b masterrepo sync -j32
Build
Use the following to build the generic arm64 image for Trusty.
./trusty/vendor/google/aosp/scripts/build.py generic-arm64
Build results will be under build-root/build-generic-arm64/.
Look for lk.bin which is a TEE image with all apps compiled in:
ls build-root/build-generic-arm64/lk.bin
Install
You can assemble lk.bin into a firmware image and flash it to the device. Generating firmware images varies depending on the board being used. Contact your board manufacturer for instructions.
Trusty on QEMU
Install needed packages on host if you haven't already:
sudo apt install libpixman-1-dev libstdc++-8-dev pkg-config libglib2.0-dev libusb-1.0-0-dev
Build (using the build server scripts) trusty and qemu images:
trusty/vendor/google/aosp/scripts/build.py qemu-generic-arm64-test-debug
This will also run all the tests configured for this target.
To manually run a test-runner test (port activation) (com.android.ipc-unittest.ctrl):
build-root/build-qemu-generic-arm64-test-debug/run --headless --boot-test "com.android.ipc-unittest.ctrl"
To run a test-runner test (com.android.ipc-unittest.ctrl) with kernel debug output at boot:
build-root/build-qemu-generic-arm64-test-debug/run-qemu --boot-test "com.android.ipc-unittest.ctrl" --headless --verbose
ATF disables the console before returning to test-runner. To disable this locally comment out all the code in bl31_plat_runtime_setup in external/arm-trusted-firmware/plat/common/aarch64/plat_common.c.
To run a test from the Android shell,
build-root/build-qemu-generic-arm64-test-debug/run-qemu --shell-command "/data/nativetest64/tipc-test/tipc-test -t ta2ta-ipc" --headless
To boot to an interactive shell (from the checked in prebuilt)
build-root/build-qemu-generic-arm64-test-debug/run
This command also has a variety of other overrides available - check --help for more.
If adb devices -l fails when running qmeu.py, the version of adb server that is running on your system may be the wrong version.
adb kill-server
To boot an Android build you have locally,
build-root/build-qemu-generic-arm64-test-debug/run --android path/to/your/android/source/dir
To build Android for Trusty,
mkdir android cd android repo init -u https://android.googlesource.com/platform/manifest -b master repo sync -j32 source build/envsetup.sh lunch qemu_trusty_arm64-userdebug m