Enabling Trusty OS on Android 13 for i.MX8QXP Board

Hi 

we are getting below issue when we run above build command. Pls see the attach build log file. 

generating documentation for trusty/user/base/lib/trusty-sys/src/lib.rs
warning: target json file contains unused fields: has-elf-tls, unsupported-abis

error: couldn't read trusty/user/base/lib/trusty-sys/src/./build-imx8qxp/generated/trusty/user/base/lib/syscall-stubs/trusty_syscalls.rs: No such file or directory (os error 2)
--> trusty/user/base/lib/trusty-sys/src/syscalls.rs:20:5
|
20 | include!(env!("SYSCALL_INC_FILE"));
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this error originates in the macro `include` (in Nightly builds, run with -Z macro-backtrace for more info)

error: aborting due to previous error

regards

intelav

This looks some  relative path related issue. The build command is not taking absolute path.

error: couldn't read trusty/user/base/lib/trusty-sys/src/./build-imx8qxp/generated/trusty/user/base/lib/syscall-stubs/trusty_syscalls.rs: No such file or directory (os error 2)

Any suggestion where to make the  change  ?

Hello 

we could  get trusty build generating the image upto some extent after making changes in make files (changes related to using absolute path) and copied that to vendor/nxp/fsl-proprietary/uboot-firmware/imx8q_car/tee-imx8qx.bin . ( Pls see tee-image.png) . 

generating image: build-imx8qxp/lk.bin
text data bss dec hex filename
2835781 5216 50280 2891277 2c1e0d build-imx8qxp/lk.elf
generating symbols: build-imx8qxp/lk.elf.sym

After that we re-built android image (pls see build-android-car.txt ) and flashed via fastboot to device (pls see ap_console_logs.txt)  . but still see trusty not getting enabled . could you please re-validate our logs if trusty really got enabled or not and what should I do as next step ?

regards

intelav

Hi 

I am waiting for an active support from nxp . I am not sure if trusty is really enabled on my board . Just following your guide to set vendor RPMB key  as below but met with  falilure 

On The Host side

sudo fastboot stage my_rpmb_trusty.key.bin

sudo fastboot oem set-rpmb-staged-key

Console Log

Net: eth0: ethernet@5b040000 [PRIME]
Warning: ethernet@5b050000 (eth1) using random MAC address - 4a:97:f8:31:65:4
, eth1: ethernet@5b050000
INFO Initializing Trusty device
INFO selected trusty api version: 3 (requested 3)
INFO Initializing Trusty IPC device
INFO Initializing RPMB storage proxy service
INFO Initializing Trusty Keymaster client
INFO Initializing Trusty Hardware Crypto client
Fastboot: Got bootloader commands!
Starting download of 40 bytes

downloading of 40 bytes finished
General failure
ERROR - Key already programmed ?
ERROR set rpmb staged key failed!

regards

intelav

Have you finish these steps?

$ repo init -u https://github.com/nxp-imx/imx-manifest.git -b imx-android-13 -m
imx-trusty-automotive-automotive-13.0.0_1.1.0.xml
$ repo sync
$ source trusty/vendor/google/aosp/scripts/envsetup.sh
$ make imx8qxp #i.MX 8QuadXPlus MEK
$ cp ${TRUSTY_REPO_ROOT}/build-imx8qxp/lk.bin ${MY_ANDROID}/vendor/nxp/fsl-
proprietary/uboot-firmware/imx8q_car/tee-imx8qx.bin

Yes and flashed the images afterwards but setting the RPMB key failed. 

Just for basic sanity , I tested https://www.nxp.com/webapp/Download?colCode=13.0.0_1.3.0_AUTO_DEMO_8Q&appType=license  and here again setting the RPMB key failed.

See the snapshot  attached.  As I read document Android User's Guide (nxp.com) , section 4 android_automotive-13.0.0_1.3.0_image_8qmek_car.tar.gz has trusty OS enabled . so that's supposed to work , right ?

regards

Intelav

Have you try the android_automotive-13.0.0_1.3.0_image_8qmek_car.tar.gz  demo images? You can try it. Did it work?

Yes, below update is on your demo image " automotive-13.0.0_1.3.0_image_8qmek_car.tar.gz  " .It didn't work for me . Did it work for you ?

regards

intelav

HI 

Can we have an update this issue  soon ?

regards

intelav