Hi experts,
Today I was trying to use the latest OPTEE version to replace my previous one (v1.1.0) on my Juno board and I met one issue about tee-supplicant.
I used the initialization script from ashwildingarm 's post with the choice "Juno, latest, openembedded".
Now I have booted up my board with the new system.I could successfully run the command modprobe optee_armtz while I got the error -sh: tee-supplicant: command not found when I was trying to use the command tee-supplicant &.
modprobe optee_armtz
-sh: tee-supplicant: command not found
tee-supplicant &
Is there anything I missed for running tee-supplicant?
By the way, now I'm following the instruction of optee_test for running TA.If you have any other document about running a TA / xtest on latest OPTEE, please let me know so I could check the document by myself.
Thank you.
Simon
Hi Simon,
It's been a while since Iast did this so some of this may be outdated, but please find my notes below for running the OP-TEE Hello World example TA found in this GitHub repository, hopefully this will help you identify any steps you may be missing for running your own TA (note how we build tee-supplicant and copy it to the board, then run it).
1) Use the workspace script to sync a new build-from-source Juno lsk-4.4-armlt + OpenEmbedded LAMP workspace
1) Boot the Juno to the OpenEmbedded LAMP terminal prompt and get its IP address using ifconfig
2) Execute the following commands on your host Linux computer:
$ export HOST_CROSS_COMPILE=<workspace>/tools/gcc/gcc-linaro-4.9-2015.05-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu-
$ export TA_CROSS_COMPILE=<workspace>/tools/gcc/gcc-linaro-4.9-2015.05-x86_64_arm-linux-gnueabihf/bin/arm-linux-gnueabihf-
$ export TEEC_EXPORT=<workspace>/optee/optee_client/out/export
$ export TA_DEV_KIT_DIR=<workspace>/optee/optee_os/out/arm-plat-vexpress/export-ta_arm32
$ cd <workspace>/optee
$ git clone https://github.com/jenswi-linaro/lcu14_optee_hello_world
$ cd lcu14_optee_hello_world/
$ make
$ scp host/hello_world root@<juno_ip_address>:~
$ find -name "*.ta" -exec scp {} root@<juno_ip_address>:~ \;
$ cd <workspace>/optee/optee_client/out
$ tar zcf export.tar.gz export/
$ scp export.tar.gz root@<juno_ip_address>:~
$ cd <workspace>/optee/optee_linuxdriver/
$ find -name "*.ko" -exec scp {} root@<juno_ip_address>:~ \;
3) Execute the following commands from your Juno OpenEmbedded LAMP terminal prompt:
# mkdir -p /lib/teetz/ <-- Note: I *think* this is actually supposed to be /lib/optee_armtz/ but my notes are outdated
# mv *.ta /lib/teetz/ <-- Same as above, I think you need to change this to /lib/optee_armtz/
# insmod optee.ko <-- You may not actually need to insmod this
# insmod optee_armtz.ko <-- Same as above, you may not actually need to insmod this
# tar xzf export.tar.gz
# export LD_LIBRARY_PATH=~/export/lib:$LD_LIBRARY_PATH
# ./export/bin/tee-supplicant &
# ./hello_world
And you should see this printed:
Invoking TA to increment 42
TA incremented value to 43
Which shows that the Trusted Application (TA) is working.
Hope that helps!
Hi Ash,
Thank you for the reply.
I just tried the script with the choices: build-from-source, Juno, lsk-4.4-armlt, OpenEmbedded LAMP.
I build the OS and make the hello_world program successfully.
For your notes,
# mkdir -p /lib/teetz/ <-- Note: I *think* this is actually supposed to be /lib/optee_armtz/ but my notes are outdated # mv *.ta /lib/teetz/ <-- Same as above, I think you need to change this to /lib/optee_armtz/
Yes, the TA part should be saved in the folder optee_armtz instead of teetz now.
# insmod optee.ko <-- You may not actually need to insmod this # insmod optee_armtz.ko <-- Same as above, you may not actually need to insmod this
I didn't find any file with name "*.ko" under my workspace. I also checked the folder which contains the source code of optee.ko and optee_armtz.ko while I got no ".ko" file there after building.
In this case, I didn't insmod anything on my board.
However, I could execute the command tee-supplicant & so I assume these steps are not necessary.
Now, when I running the client application, I got the error
ERR [2098] TEEC:TEEC_InvokeCommand:567: TEE_IOC_INVOKE failedhello_world: TEEC_InvokeCommand failed with code 0xffff0000 origin 0x2
ERR [2098] TEEC:TEEC_InvokeCommand:567: TEE_IOC_INVOKE failed
hello_world: TEEC_InvokeCommand failed with code 0xffff0000 origin 0x2
after the program outputs
correctly.
For the secure OS side, I got the debug information as follows:
DEBUG: [0x0] TEE-CORE:tee_ta_init_static_ta_session:160: Lookup for Static TA 8aaaf200-2450-11e4-abe20002a5d5c51b DEBUG: [0x0] TEE-CORE:init_session_with_signed_ta:716: Load dynamic TA DEBUG: [0x0] TEE-CORE:ta_load:497: Loaded TA at 0xff200000 DEBUG: [0x0] TEE-CORE:ta_load:498: ELF load address 0x40001000 DEBUG: [0x0] TEE-CORE:init_session_with_signed_ta:722: dyn TA : 8aaaf200-2450-11e4-abe20002a5d5c51b DEBUG: [0x0] TEE-CORE:tee_ta_close_session:318: tee_ta_close_session(0xff05bf20) DEBUG: [0x0] TEE-CORE:tee_ta_close_session:337: ... Destroy session DEBUG: [0x0] TEE-CORE:tee_ta_close_session:358: ... Destroy TA ctx
DEBUG: [0x0] TEE-CORE:tee_ta_init_static_ta_session:160: Lookup for Static TA 8aaaf200-2450-11e4-abe20002a5d5c51b
DEBUG: [0x0] TEE-CORE:init_session_with_signed_ta:716: Load dynamic TA
DEBUG: [0x0] TEE-CORE:ta_load:497: Loaded TA at 0xff200000
DEBUG: [0x0] TEE-CORE:ta_load:498: ELF load address 0x40001000
DEBUG: [0x0] TEE-CORE:init_session_with_signed_ta:722: dyn TA : 8aaaf200-2450-11e4-abe20002a5d5c51b
DEBUG: [0x0] TEE-CORE:tee_ta_close_session:318: tee_ta_close_session(0xff05bf20)
DEBUG: [0x0] TEE-CORE:tee_ta_close_session:337: ... Destroy session
DEBUG: [0x0] TEE-CORE:tee_ta_close_session:358: ... Destroy TA ctx
I'm not sure this error is caused by missing "*.ko" files or something else.
Could you please check this and see if you have any idea about what might be wrong?
Thank you very much.