How to run trusty samples on jetson Xavier?

I want to run trusty app on my Xavier, but I can’t find trusty/app/sample directory on my Xavier. Do I need to build and install trusty? If so,I noticed “You can assemble lk.bin into a firmware image and flash it to the device. Generating firmware images varies depending on the board being used. Contact your board manufacturer for instructions.”on source.android.com. How should i deel with it?

hello gfan100,

you might access the latest L4T Sources via download center.
you should also found the trusty_src.tbz2 package included, please refer to below for reference,
for example,
$l4t-r32.4.3_JAX_TX2/public_sources/trusty/app/sample/*

hello,
I found those files. I need to build them on my x86_64 Linux device with L4T Toolchain, right? It seems like I also need to flash the OS on Xavier right?
Thank you.

hello gfan100,

please setup an environment for implementation,
you may also check Trusted Application Development for developing TAs.
please also refer to similar discussion thread, Topic 128041 for reference.
thanks

@JerryChang I don’t feel like the original question was answered… which I am interested in knowing the answer to. You are skipping to how to implement the CA and TA which your references point to. gfan100 originally asked where does the sample directory (trusty/app/sample) reside on the Xavier… the target. I’m assuming that gfan100 is asking this question after have followed the instructions in atf_and_trusty_README.txt … which explains how to extract and build the ATF and Trusty sourced code on the host machine (Ubuntu 18.04 host). Then generate a tos.img with the ATF and Trusty images from the build… and replace the default tos.img with the one just generated. Finally flash the target (or Xavier).

I believe the question is where do the trusty sample files reside on the Xavier once booted up after following the instructions in atf_and_trusty_README.txt? Or do we have to download trusty_src.tbz2 on the Xavier… then extract and build it?

this is one discussion thread almost a year ago…
there’s developer guide update for Secure Samples. please check that and initial another new discussion thread for better supports.

@JerryChang I can initiate a new discussion thread, but I really don’t think that the question answer. I took a look at your reference… it explains how the CA (hwkey-app) and TA (hwkey-agent) operates. This reference is preemptive to what I’m asking.

After flashing trusty tos.img onto the Xavier… Once booted up, can I run the hwkey-app from the command line? Or are there other steps I must do first?

hello dcapers44,

please check bootloader logs,
those services (TAs) were initialized by trust little kernel (LK), this process is within MB2 and CBoot.
for example,

▒[0000.336] I> Welcome to MB2(TBoot-BPMP) (version: 00.00.2018.32-mobile-feba5943)
[0000.337] I> DMA Heap @ [0x526fa000 - 0x52ffa000]
...

NOTICE:  BL31: Built : 08:38:54, Feb 19 2021
ipc-unittest-main: 1519: Welcome to IPC unittest!!!
ipc-unittest-main: 1531: waiting forever
ipc-unittest-srv: 329: Init unittest services!!!
hwkey-agent: 40: hwkey-agent is running!!
hwkey-agent: 197: key_mgnt_processing .......
hwkey-agent: 189: Setting EKB key 0 to slot 14
hwkey-agent: 167: Init hweky-agent services!!
luks-srv: 40: luks-srv is running!!
luks-srv: 157: Init luks-srv IPC services!!
platform_bootstrap_epilog: trusty bootstrap complete

...

▒0001.092] I> Welcome to Cboot
▒mon_post initialized
▒0001.093] I> Cboot Version: t194-9efcbc4f

there’s CA, “hwkey-app” that is intended to work with the TA, “hwkey-agent”.
so, you’ll need to build the CA sample on the target device, i.e. Jetson AGX Xavier.

please moving on and submit another thread,
let’s see how to help you out and what’s we’ll need to improve with the current JetPack release. (i.e. JetPack-4.5.1)
thanks