I am experimenting development of Trusted Application on Trusty TEE, following Trusty documentation
I’ve been able build and flash TrustedOS on a AGX Xavier Jetson.
Trusty documentation gives a good overview of Trusted Application (TA) and CA (Client Application). But I would have some more –practical—questions regarding TA/CA testing.
The only TA I have been able to test is hwkey-agent.
But included in the trusted os, few other TAs are available: skel, skel1, spinner , …
I would like to test for example skel or timer samples -hello world alike TAs-.
How can I do it?
Can I use tipc_test for testing (e.g. list available TAs, send TIPC commands, …), or is there any other testing tools available TAs without developing a CA. If tipc_test should be used, do you have any documentation on this tool?
In addition, would you have additional CA sample code to call skel/spinner/timer TAs?
there’s already TA/CA sample, please check readme files for reference.
TA, trusty/app/sample/hwkey-agent/README
CA, trusty/app/sample/hwkey-agent/CA_sample/README
please also refer to below topic for more details,
thanks
How do you run the TA/CA sample on the Jetson AGX Xavier. I can build trusty and the samples on the host Linux machine, but how do I this on the Jetson?
you should have your board enable Jetson security. so, during boot process, it’s bpmp to load EKS from eMMC, using PKC/SBK keys to decrypt EKS, after that, it’ll load SecureOS image from eMMC and decrypt/validate tos.img and write results to TZRAM.
it’s a Trusted Execution Environment (TEE) to provide secure environment for applications that running inside a SecureOS, those apps were known as Trusted Applications, TAs; there’s a client application (CA) running in the NSE (non-secure environment), typically has a partner trusted application (TA) running in the secure world.
please check developer guide, Secure Samples.
it shows an example and describes the scenarios that apply to the secure sample applications.
thanks
I’ve further digged into the luks-srv application source code to generate a new sample TA/CA application.
I have now: a CA sending data to a TA, a TA processing the data, and sending back the result to the CA.
Eventhough compilation and flashing processes were clearly described in atf_and_trusty.README, I have to admit that the development of new application could be a bit more explicit on the document. A step-by-step development & testing instructions would be appreciated.
@JerryChang I believe lgiori knows a “step-by-step development & testing instructions” documentation does not exist… but was suggesting that one be created. I agree with lgiori. The documentation that is currently referenced is not straight forward…
I understand it’s always not detail enough for the documentation.
we had readme file, atf_and_trusty.README, Trusted Application Development documentation, and related discussion thread, Topic 128041.
so, please kindly share the experience, which part of improvements you would like to have to make it better.
thanks
