optee_test¶
The optee_test.git contains the source code for the TEE sanity test suite in Linux using the ARM(R) TrustZone(R) technology. It is typically referred to as xtest. By default there are several thousands of tests when running the code that is in the git only. However, it is also possible to incorporate tests coming from GlobalPlatform (see Extended test (GlobalPlatform tests)). We typically refer to these to as:
- Standard tests: These are the test that are included in optee_test. They are free and open source.
- Extended tests: Those are the tests that are written directly by GlobalPlatform. They are not open source and they are not freely available (it’s free to members of GlobalPlatform and can otherwise be purchased directly from GlobalPlatform).
git location¶
License¶
The client applications (optee_test/host/*
) are provided under the
GPL-2.0 license and the user Trusted Applications (optee_test/ta/*
) are
provided under the BSD 2-Clause.
Build instructions¶
At the moment you can only build the code in this git as part of the entire system, i.e. as a part of a full OP-TEE developer setup. So, please refer to the instructions at the build page to learn how to build a full OP-TEE developer setup. Building purely standalone is not possible (*) because:
- the host code (
xtest
) have dependencies to the optee_client (it links againstlibteec
,openssl
and uses various headers)- the Trusted Applications have dependencies to the TA-devkit built by optee_os.
Note
(*) It is of course possible to build this without a full OP-TEE developer setup, but it will require a lot of tweaking with paths, flags etc. I.e., one would need to do exactly the same as the full OP-TEE developer setup does under the hood.
Extended test (GlobalPlatform tests)¶
One can purchase the GlobalPlatform Compliance Test suite which comes with .xml files describing the tests and the Trusted Applications. The standard tests (xtest + TA’s) that are free and open source can be extended to also include the GlobalPlatform test suite. This is done by:
- Install the GlobalPlatform
xml
files in$CFG_GP_PACKAGE_PATH
.- Run
make patch
(or call makextest-patch
from thebuild
repository) before compiling xtest. This must be run a single time after the installation of OP-TEE.
This will:
- Create new Trusted Applications, that can be found in
ta/GP_xxx
- Create new tests in
host/xtest
, as for examplextest_9000.c
- Patches
xtest_7000.c
, adding new tests.
Then the tests must be compiled with CFG_GP_PACKAGE_PATH=<path>
.
It makes use of the following environment variable:
COMPILE_NS_USER
:32
or64
if application shall be compiled in 32 bits mode on in 64 bits mode. IfCOMPILE_NS_USER
is not specified, build relies onCFG_ARM32_core=y
from OP-TEE core build to assume applications are in 32 bits mode, Otherwise, 64 bits mode is assumed.
Run xtest¶
It’s important to understand that you run xtest
on the device itself, i.e.,
this is nothing that you run on the host machine.
xtest - all¶
This runs all tests within the standard xtest. Using the -l
parameter you
can tweak the amount of tests you will run. 15
is the most and 0
is the
least.
$ xtest -l 15
xtest - family¶
To run a family (1xxx
, 2xxx
and so on), just specify its number prefixed
with an underscore. This for example will run the 1xxx family.
$ xtest _1
xtest - benchmark¶
To run the benchmark tests, run xtest like this:
$ xtest -t benchmark
Here it is also possible to state a number for a certain benchmark test, for example:
$ xtest -t benchmark 2001
xtest - regression¶
To run the regression tests, run xtest like this:
$ xtest -t regression
Here it is also possible to state a number for a certain regression test, for example:
$ xtest -t regression 2004
xtest - aes-perf¶
This is benchmark test for AES and you run it like this:
$ xtest --aes-perf
Note
There is an individual help for --aes-perf
, i.e.
$ xtest --aes-perf -h
xtest - sha-perf¶
This is benchmark test for SHA-xxx and you run it like this:
$ xtest --sha-perf
Note
There is an individual help for --sha-perf
, i.e.
$ xtest --sha-perf -h
There you can select other SHA algorithms etc.
Coding standards¶
See Coding standards.