search

apache / incubator-teaclave-trustzone-sdk

Teaclave TrustZone SDK enables safe, functional, and ergonomic development of trustlets.
https://teaclave.apache.org
Apache License 2.0
206 stars 59 forks source link

Update ta linker scripts and entry points so that them can run with optee 3.8.0 #22

Closed xiangmy closed 3 years ago

xiangmy commented 3 years ago

Hi @mssun ,

Thanks for your help! I've updated:

  1. the linker scripts according to here
  2. gcc linker arguments according to here
  3. the ta header
  4. the ta entry point according to here

PS: Maybe it will be better if we can put ta_aarch64.lds, ta_arm.lds and ta_static.rs in one directory instead of duplicating them in every TAs.

See #21 for the bug report.

Thanks, Mingyuan

xiangmy commented 3 years ago

BTW, not sure whether I should change the CI scripts which are tested with optee 3.4.0.

mssun commented 3 years ago

Thank you so much!

For the CI script, since it needs a docker environment for testing, I'll fix it. Don't worry.

mssun commented 3 years ago

Hi @xiangmy, FYI, I'm working on donating the project to Apache Teaclave (incubating). https://lists.apache.org/thread.html/rb59b3067b9b53627b6094c1fb5fb727721912909fae544fa0f1967ca%40%3Cdev.teaclave.apache.org%3E

Will work on this PR later. Thanks.

xiangmy commented 3 years ago

Hi @mssun ,

Thanks for informing. If there is anything you need, I'm glad to help.

Thanks, Mingyuan

xiangmy commented 3 years ago

Hi @mssun ,

I have some free time recently, so I can help update the docker and the CI script. However, I'm not sure how many changes you want to make. Do you wish to update everything to optee 3.8, or to the latest version, optee 3.11?

Thanks, Mingyuan

mssun commented 3 years ago

@xiangmy, thank you!

Sure, the latest version (i.e., 3.11) is ok.

xiangmy commented 3 years ago

Hi @mssun ,

Sorry for the late update. I ran into some other things right after I said I would be free recently. Anyway, I try to clean up my changes and update everything to optee 3.11 the same way that I did while updating to optee 3.8. However, I got a translation fault when the optee tries to load TAs. You can find my changes here. See the log in the following:

D/TC:? 0 tee_ta_init_pseudo_ta_session:283 Lookup pseudo TA 8aaaf200-2450-11e4-abe2-0002a5d5c51b
D/TC:? 0 load_ldelf:712 ldelf load address 0x80006000
D/LD:  ldelf:134 Loading TA 8aaaf200-2450-11e4-abe2-0002a5d5c51b
D/TC:? 0 tee_ta_init_session_with_context:586 Re-open TA 3a2f8978-5dc0-11e8-9c2d-fa7ae01bbebc
D/TC:? 0 system_open_ta_binary:256 Lookup user TA ELF 8aaaf200-2450-11e4-abe2-0002a5d5c51b (Secure Storage TA)
D/TC:? 0 system_open_ta_binary:260 res=0xffff0008
D/TC:? 0 system_open_ta_binary:256 Lookup user TA ELF 8aaaf200-2450-11e4-abe2-0002a5d5c51b (REE)
D/TC:? 0 system_open_ta_binary:260 res=0x0
D/TC:0 0 abort_handler:519 [abort] abort in User mode (TA will panic)
E/TC:? 0 
E/TC:? 0 User TA data-abort at address 0x8821d5bc (translation fault)
E/TC:? 0  esr 0x92000006  ttbr0 0x200000e18e000   ttbr1 0x00000000   cidr 0x0
E/TC:? 0  cpu #0          cpsr 0x40000100
E/TC:? 0  x0  0000000002060fcf x1  0000000002060fcf
E/TC:? 0  x2  0000000000000000 x3  0000000000000003
E/TC:? 0  x4  0000000080099680 x5  000000008009b168
E/TC:? 0  x6  00000000800129b0 x7  0000000080081000
E/TC:? 0  x8  0000000000018670 x9  000000000001a000
E/TC:? 0  x10 0000000000000012 x11 0000000000000000
E/TC:? 0  x12 0000000080005c78 x13 000000000000000a
E/TC:? 0  x14 00000000ffffffff x15 0000000000000000
E/TC:? 0  x16 00000000593a843c x17 0000000000000000
E/TC:? 0  x18 0000000000000000 x19 0000000080012ec0
E/TC:? 0  x20 0000000080012ec0 x21 0000000000000003
E/TC:? 0  x22 0000000000000000 x23 0000000080099680
E/TC:? 0  x24 0000000080099628 x25 000000008000d0db
E/TC:? 0  x26 0000000080005ef8 x27 0000000000000000
E/TC:? 0  x28 0000000000000000 x29 0000000080005df0
E/TC:? 0  x30 0000000080009b80 elr 0000000080009958
E/TC:? 0  sp_el0 0000000080005de0
E/TC:? 0  region  0: va 0x0000000080000000 pa 0x000000000e102000 size 0x002000 flags ---R-X
E/TC:? 0  region  1: va 0x0000000080002000 pa 0x000000000e17f000 size 0x001000 flags ---RW-
E/TC:? 0  region  2: va 0x0000000080004000 pa 0x000000000e400000 size 0x002000 flags rw-RW-
E/TC:? 0  region  3: va 0x0000000080006000 pa 0x000000000e402000 size 0x008000 flags r-x---
E/TC:? 0  region  4: va 0x000000008000e000 pa 0x000000000e40a000 size 0x001000 flags rw-RW-
E/TC:? 0  region  5: va 0x000000008000f000 pa 0x000000000e40b000 size 0x004000 flags rw-RW-
E/TC:? 0  region  6: va 0x0000000080013000 pa 0x000000000e40f000 size 0x001000 flags r--R--
E/TC:? 0  region  7: va 0x0000000080014000 pa 0x000000000e437000 size 0x001000 flags rw-RW-
E/TC:? 0  region  8: va 0x0000000080081000 pa 0x000000000e410000 size 0x01a000 flags r-xR--
E/TC:? 0  region  9: va 0x000000008009b000 pa 0x000000000e42a000 size 0x00d000 flags rw-RW-
E/TC:? 0 init_with_ldelf:255 ldelf panicked
D/TC:? 0 tee_ta_close_session:492 csess 0x59412340 id 1
D/TC:? 0 tee_ta_close_session:512 Destroy session
D/TC:? 0 tee_ta_open_session:695 init session failed 0xffff0000

I dug in and had no idea how to fix this fault. The linker script seems to be fine and nothing to be wrong with the linker arguments from my perspective. Any thoughts on how to fix this fault?

Thanks, Mingyuan