qemu: optionally preserve secure storage between reboots

Usage: set QEMU_PSS_ENABLE=y and adjust QEMU_PSS_HOST_DIR. It also
requires QEMU_VIRTFS_ENABLE to be set to "y".

Also added a buildroot post-script which appends lines to /etc/fstab,
so shared directories can be automatically mounted if
QEMU_VIRTFS_AUTOMOUNT and QEMU_PSS_AUTOMOUNT are set to "y".

Signed-off-by: Roland Nagy <rnagy@xmimx.tk>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Tested-by: Jerome Forissier <jerome@forissier.org>

br-ext/board/qemu/overlay/mnt/host/README

+This directory is intended to be mounted onto a shared directory on the host.
+See QEMU_VIRTFS_AUTOMOUNT / QEMU_VIRTFS_MOUNTPOINT in build/common.mk.

br-ext/board/qemu/post-build.sh

+#! /bin/bash
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2020, Roland Nagy <rnagy@xmimx.tk>
+
+TARGETDIR="$1"
+VIRTFS_AUTOMOUNT="$2"
+VIRTFS_MOUNTPOINT="$3"
+PSS_AUTOMOUNT="$4"
+
+if [[ -z $TARGET_DIR ]]; then
+    echo "TARGET_DIR missing"
+    exit 1
+fi
+
+if [[ -z $VIRTFS_AUTOMOUNT ]]; then
+    echo "VIRTFS_AUTOMOUNT missing"
+    exit 1
+fi
+
+if [[ -z $VIRTFS_MOUNTPOINT ]]; then
+    echo "VIRTFS_MOUNTPOINT missing"
+    exit 1
+fi
+
+if [[ -z $PSS_AUTOMOUNT ]]; then
+    echo "PSS_AUTOMOUNT missing"
+    exit 1
+fi
+
+
+if [[ $VIRTFS_AUTOMOUNT == "y" ]]; then
+    grep host "$TARGETDIR"/etc/fstab > /dev/null || \
+    echo "host $VIRTFS_MOUNTPOINT 9p trans=virtio,version=9p2000.L,rw 0 0" >> "$TARGETDIR"/etc/fstab
+    echo "[+] shared directory mount added to fstab"
+fi
+
+if [[ $PSS_AUTOMOUNT == "y" ]]; then
+    mkdir -p "$TARGETDIR"/data/tee
+    grep secure "$TARGETDIR"/etc/fstab > /dev/null || \
+    echo "secure /data/tee 9p trans=virtio,version=9p2000.L,rw 0 0" >> "$TARGET_DIR"/etc/fstab
+    echo "[+] persistent secure storage mount added to fstab"
+fi

common.mk

@@ -2,6 +2,26 @@
 # Common definition to all platforms
 #
 
+# Set a variable or error out if it was previously set to a different value
+# The reason message (3rd parameter) is optional
+# Example:
+# $(call force,CFG_FOO,foo,required by CFG_BAR)
+define force
+$(eval $(call _force,$(1),$(2),$(3)))
+endef
+
+define _force
+ifdef $(1)
+ifneq ($($(1)),$(2))
+ifneq (,$(3))
+_reason := $$(_empty) [$(3)]
+endif
+$$(error $(1) is set to '$($(1))' (from $(origin $(1))) but its value must be '$(2)'$$(_reason))
+endif
+endif
+$(1) := $(2)
+endef
+
 SHELL := bash
 BASH ?= bash
 ROOT ?= $(shell pwd)/..
@@ -28,13 +48,56 @@ CFG_TEE_BENCHMARK		?= n
 
 CCACHE ?= $(shell which ccache) # Don't remove this comment (space is needed)
 
+# QEMU shared folders settings
+#
+# TL;DR:
+# 1) make QEMU_VIRTFS_AUTOMOUNT=y run
+#    will mount the project's root on the host as /mnt/host in QEMU.
+# 2) mkdir -p /tmp/qemu-data-tee && make QEMU_PSS_AUTOMOUNT=y run
+#    will mount the host directory /tmp/qemu-data-tee as /data/tee
+#    in QEMU, thus creating persistent secure storage.
+
+ifeq ($(QEMU_VIRTFS_AUTOMOUNT),y)
+$(call force,QEMU_VIRTFS_ENABLE,y,required by QEMU_VIRTFS_AUTOMOUNT)
+endif
+
+ifeq ($(QEMU_PSS_AUTOMOUNT),y)
+$(call force,QEMU_PSS_ENABLE,y,required by QEMU_PSS_AUTOMOUNT)
+endif
+
+ifeq ($(QEMU_PSS_ENABLE),y)
+$(call force,QEMU_VIRTFS_ENABLE,y,required by QEMU_PSS_ENABLE)
+endif
+
 # Accessing a shared folder on the host from QEMU:
 # # Set QEMU_VIRTFS_ENABLE to 'y' and adjust QEMU_VIRTFS_HOST_DIR
 # # Then in QEMU, run:
 # # $ mount -t 9p -o trans=virtio host <mount_point>
-QEMU_VIRTFS_ENABLE		?= n
+# # Or enable QEMU_VIRTFS_AUTOMOUNT
+QEMU_VIRTFS_ENABLE	?= n
 QEMU_VIRTFS_HOST_DIR	?= $(ROOT)
 
+# Persistent Secure Storage via shared folder
+# # Set QEMU_PSS_ENABLE to 'y' and adjust QEMU_PSS_HOST_DIR
+# # Then in QEMU, run:
+# # $ mount -t 9p -o trans=virtio secure /data/tee
+# # Or enable QEMU_PSS_AUTOMOUNT
+QEMU_PSS_ENABLE		?= n
+QEMU_PSS_HOST_DIR	?= /tmp/qemu-data-tee
+
+# Warning: when these variables are modified, you must remake the buildroot
+# target directory. This can be done without rebuilding everything as follows:
+# rm -rf ../out-br/target; find ../out-br/ -name .stamp_target_installed | xargs rm
+# make <flags> run
+QEMU_VIRTFS_AUTOMOUNT	?= n
+QEMU_PSS_AUTOMOUNT	?= n
+# Mount point for the shared directory inside QEMU
+# Used by the post-build script, this is written to /etc/fstab as the mount
+# point of the shared directory
+QEMU_VIRTFS_MOUNTPOINT	?= /mnt/host
+
+# End of QEMU shared folder settings
+
 ################################################################################
 # Mandatory for autotools (for specifying --host)
 ################################################################################
@@ -302,6 +365,11 @@ QEMU_CONFIGURE_PARAMS_COMMON +=  --enable-virtfs
 QEMU_EXTRA_ARGS +=\
 	-fsdev local,id=fsdev0,path=$(QEMU_VIRTFS_HOST_DIR),security_model=none \
 	-device virtio-9p-device,fsdev=fsdev0,mount_tag=host
+ifeq ($(QEMU_PSS_ENABLE),y)
+QEMU_EXTRA_ARGS +=\
+	  -fsdev local,id=fsdev1,path=$(QEMU_PSS_HOST_DIR),security_model=none \
+	  -device virtio-9p-device,fsdev=fsdev1,mount_tag=secure
+endif
 endif
 
 ifeq ($(GDBSERVER),y)

qemu.mk

@@ -9,6 +9,8 @@ override COMPILE_S_USER    := 32
 override COMPILE_S_KERNEL  := 32
 
 BR2_ROOTFS_OVERLAY = $(ROOT)/build/br-ext/board/qemu/overlay
+BR2_ROOTFS_POST_BUILD_SCRIPT = $(ROOT)/build/br-ext/board/qemu/post-build.sh
+BR2_ROOTFS_POST_SCRIPT_ARGS = "$(QEMU_VIRTFS_AUTOMOUNT) $(QEMU_VIRTFS_MOUNTPOINT) $(QEMU_PSS_AUTOMOUNT)"
 
 OPTEE_OS_PLATFORM = vexpress-qemu_virt
 

qemu_v8.mk

@@ -14,6 +14,8 @@ override COMPILE_S_KERNEL  := 64
 TF_A_TRUSTED_BOARD_BOOT ?= n
 
 BR2_ROOTFS_OVERLAY = $(ROOT)/build/br-ext/board/qemu/overlay
+BR2_ROOTFS_POST_BUILD_SCRIPT = $(ROOT)/build/br-ext/board/qemu/post-build.sh
+BR2_ROOTFS_POST_SCRIPT_ARGS = "$(QEMU_VIRTFS_AUTOMOUNT) $(QEMU_VIRTFS_MOUNTPOINT) $(QEMU_PSS_AUTOMOUNT)"
 
 OPTEE_OS_PLATFORM = vexpress-qemu_armv8a