OP-TEE Development Guidance

Jens Wiklander jens.wiklander at linaro.org
Fri Jul 10 09:46:04 UTC 2020


On Wed, Jul 8, 2020 at 7:56 PM Muhammad Saad <saad.ucf at knights.ucf.edu> wrote:
>
> Hi Jens,
>
> I was able to do all those operations last week. I actually cloned a pseudo-TA, assign it a new UUID, and do all the required cryptographic operations as well as the secure storage.  However, now that I try to benchmark it, an error is thrown ([Benchmark] ERROR: TEEC_InvokeCommand: 0xffff000c). Can you tell me the right way of benchmarking a pseudo-TA? Also, if I want to take all the pseduo-TA code and make a new TA, what should be the simplest process?

I suggest that you start out with studying
https://optee.readthedocs.io/en/latest/ it will probably answer your
questions and give a good overview too.

Cheers,
Jens

>
> Best,
>
> Saad
>
> ________________________________
> From: Jens Wiklander <jens.wiklander at linaro.org>
> Sent: Wednesday, July 8, 2020 11:26 AM
> To: Muhammad Saad <saad.ucf at Knights.ucf.edu>
> Cc: op-tee at lists.trustedfirmware.org <op-tee at lists.trustedfirmware.org>
> Subject: Re: OP-TEE Development Guidance
>
> Hi Saad,
>
> On Thu, Jun 18, 2020 at 9:43 AM Muhammad Saad via OP-TEE
> <op-tee at lists.trustedfirmware.org> wrote:
> >
> > Hello All,
> >
> > First, I hope you are safe and doing fine in the unfortunate COVID-19 situation. I am a Ph.D. student at the University of Central Florida. Currently, I am working on a TEE-based prototype application for a proof-of-concept. Since I am totally new in this domain, so it is taking some effort. I have a few questions and I hope you guys can help me in that.
> >
> > At present, I am able to set up OP-TEE on Qemu and run the examples on the normal world and the secure world. Additionally, I tweaked a few parameters (ie., the integer value in the main.c) for the CA and the addition and subtraction sequence in the TA. Upon building it again (cd/build/make all run), it seems to work. However, if I need to pass a normal string to the TA and the TA computes Sha256 of the string and returns the value, what steps do I need to take? In other words, how can I pass a tuple from the TA to the CA and obtain the Hash of the tuple. Additionally, if I am able to do that by tailoring the HelloWorld examples, how can I develop new CA and TA with unique UUID and perform the same procedure. Finally, instead of doing the entire (cd/build/make all run), is there a method by which I can simply build the application and alone and run it on Qemu?
>
> You can find an example of doing some hashing at
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FOP-TEE%2Foptee_test%2Fblob%2F391168ec03980e1cc8fb6d3e3c4b424819cd90cf%2Fhost%2Fxtest%2Fregression_1000.c%23L106&data=02%7C01%7Csaad.ucf%40knights.ucf.edu%7C078dff5cf5884ef2466308d8235358b9%7C5b16e18278b3412c919668342689eeb7%7C0%7C1%7C637298188166072848&sdata=f0th70K5qfcGs7lKwxkACJXE3YhFW63RqDAU6oG40zU%3D&reserved=0
>
> You'll need to look around a little to get the whole picture, but it
> shouldn't be too hard.
>
> If you only change a TA or some client application it's enough to rebuild with:
> make buildroot
>
> and then run it with:
> make run-only
>
> A new UUID can be obtained with the Linux command uuidgen.
>
> Cheers,
> Jens
>
> >
> > I understand that these must be trivial questions, however, I will deeply appreciate if you can help me in figuring them out.
> >
> >
> > Best,
> >
> > Saad
> > --
> > OP-TEE mailing list
> > OP-TEE at lists.trustedfirmware.org
> > https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.trustedfirmware.org%2Fmailman%2Flistinfo%2Fop-tee&data=02%7C01%7Csaad.ucf%40knights.ucf.edu%7C078dff5cf5884ef2466308d8235358b9%7C5b16e18278b3412c919668342689eeb7%7C0%7C1%7C637298188166072848&sdata=Jzi3jCUz6f0Hnw%2BZpsmJ24LIwfDT17xQtu8okvtbvXM%3D&reserved=0


More information about the OP-TEE mailing list