How to deploy the OP-TEE on kunpeng(华为鲲鹏芯片)?

[xglreal]

What mk (qemu_v8.mk\qemu.mk\juno,mk\hikey.mk\hikey960.mk etc.) should I use when installing the OP-TEE on physical machine?

Here is the error during build the toolchains:

**make -C /root/incubator-teaclave-trustzone-sdk/optee/build -f hikey960.mk toolchains
make[1]: Entering directory '/root/incubator-teaclave-trustzone-sdk/optee/build'
Building aarch64 toolchain
build/br-ext/scripts/make_def_config.py --br buildroot --out out-aarch64-sdk --br-ext build/br-ext --top-dir /root/incubator-teaclave-trustzone-sdk/optee/build/.. --br-defconfig build/br-ext/configs/sdk-aarch64 --br-defconfig build/br-ext/configs/sdk-common --make-cmd make
make[2]: Entering directory '/root/incubator-teaclave-trustzone-sdk/optee'
make[2]: *** buildroot: No such file or directory.  Stop.**

[DemesneGH]

Hi @xglreal , There is probably Huawei's TEE OS inside Kunpeng chips, so I'm not sure if you can run OP-TEE OS on it. You can check the list of supported devices in OP-TEE documentation. When compiling OP-TEE OS, it's necessary to choose a corresponding makefile(e.g. qemu_v8.mk\qemu.mk\juno,mk\hikey.mk\hikey960.mk) according to OP-TEE documentation.

After the OP-TEE OS has been installed on your device, you can try Teaclave TrustZone SDK for developing TEE applications in Rust. In Teaclave TrustZone SDK the default makefile is qemu_v8.mk for compiling arm64 applications, no need to change it.

So maybe you could:

1. Check whether Kunpeng supports OP-TEE;
2. Clone OP-TEE repo and compile OP-TEE OS;
3. Install OP-TEE OS on your Kunpeng device;
4. In Teaclave TrustZone SDK, set OPTEE_DIR to your OP-TEE repository, then develop TEE applications in Rust ( or you can try examples in /examples);
5. Copy Rust applications to your device.

[xglreal]

Hi @xglreal , There is probably Huawei's TEE OS inside Kunpeng chips, so I'm not sure if you can run OP-TEE OS on it. You can check the list of supported devices in OP-TEE documentation. When compiling OP-TEE OS, it's necessary to choose a corresponding makefile(e.g. qemu_v8.mk\qemu.mk\juno,mk\hikey.mk\hikey960.mk) according to OP-TEE documentation.

After the OP-TEE OS has been installed on your device, you can try Teaclave TrustZone SDK for developing TEE applications in Rust. In Teaclave TrustZone SDK the default makefile is qemu_v8.mk for compiling arm64 applications, no need to change it.

So maybe you could:

1. Check whether Kunpeng supports OP-TEE;

2. Clone OP-TEE repo and compile OP-TEE OS;

3. Install OP-TEE OS on your Kunpeng device;

4. In Teaclave TrustZone SDK, set `OPTEE_DIR` to your OP-TEE repository, then develop TEE applications in Rust ( or you can try examples in `/examples`);

5. Copy Rust applications to your device.

Very Thanks for you answer. I have compile the OP-TEE OS, but I don't known how to install OP-TEE OS. Do you known how the install and setup OP-TEE OS?

[DemesneGH]

Very Thanks for you answer. I have compile the OP-TEE OS, but I don't known how to install OP-TEE OS. Do you known how the install and setup OP-TEE OS?

@xglreal Maybe you should look at the documentation of Kunpeng chips to find some guidance, e.g. steps for entering maskrom mode or recovery mode, steps for replacing bl32 ( TEE OS ) firmware of the device.

[xglreal]

Very Thanks for you answer. I have compile the OP-TEE OS, but I don't known how to install OP-TEE OS. Do you known how the install and setup OP-TEE OS?

@xglreal Maybe you should look at the documentation of Kunpeng chips to find some guidance, e.g. steps for entering maskrom mode or recovery mode, steps for replacing bl32 ( TEE OS ) firmware of the device.

Got it. Very Thanks.

[mssun]

I believe this issue can be closed. Thanks!