How do I call a static TA from my secure TA component?

[toddkuhreng]

Hi,

I am want to call the function "test_trace" which is defined in static TA https://github.com/OP-TEE/optee_os/blob/master/core/arch/arm/sta/sta_self_tests.c from my secure TA. I am confused how to do that? Any pointers? Thank you so much.

I tried to the following, but it didn't work. It threw me the error, "fatal error: tee_client_api.h: No such file or directory". I am not sure whether this is the way to invoke the static TA from secure TA.
Is there a different set of internal APIs to call a static TA from secure TA?

#include <string.h>
#include <tee_internal_api.h>
#include <tee_internal_api_extensions.h>
#include <template_ta.h>

#include <tee_client_api.h>


#define STA_SELF_TEST_UUID \
       { 0xd96a5b40, 0xc3e5, 0x21e3, \
            { 0x87, 0x94, 0x10, 0x02, 0xa5, 0xd5, 0xc6, 0x1b } }


static TEE_Result call_static_ta(uint32_t param_types,
    TEE_Param params[4])
{
   **// How do I call  static TA 'test_trace' function here? (https://github.com/OP-TEE/optee_os/blob/master/core/arch/arm/sta/sta_self_tests.c)Is it possible to do so?**

    TEEC_Context ctx;
    TEEC_Result res;
    TEEC_Session sess;

     TEEC_UUID uuid = STA_SELF_TEST_UUID;
      uint32_t err_origin;

     res = TEEC_InitializeContext(NULL, &ctx);
    if (res != TEEC_SUCCESS)
           errx(1, "NW: TEEC_InitializeContext failed with code 0x%x", res);

    res = TEEC_OpenSession(&ctx, &sess, &uuid,
                   TEEC_LOGIN_PUBLIC, NULL, NULL, &err_origin);
    if (res != TEEC_SUCCESS)
          errx(1, "NW: TEEC_Opensession failed with code 0x%x origin 0x%x",           res, err_origin);

     TEEC_InvokeCommand( &session, CMD_TRACE, NULL, &ret_orig);
     TEEC_CloseSession(&session); 
   return TEE_SUCCESS;
}

TEE_Result TA_InvokeCommandEntryPoint(void __unused *sess_ctx, uint32_t cmd_id,
    uint32_t param_types, TEE_Param params[4])
{
  switch (cmd_id) {

  case CALL_STATIC_TA:
      return call_static_ta(param_types, params);
      break;

    default:
        return TEE_ERROR_BAD_PARAMETERS;
  }
}

[vchong]

The dynamic TA can communicate with the static TA using Internal Client APIs. Refer to Section 4.9 of GP's TEE Interal Core API Spec v1.1.

[toddkuhreng]

Yes, got it. Thank you so much.

[toddkuhreng]

@vchong ,

I am facing another issue now. I am trying to call this https://github.com/OP-TEE/optee_os/blob/master/core/arch/arm/sta/sta_self_tests.c static TA from my normal user level(normal world client) TA.
It worked well with qemu, but when I tried the same code in Hikey board it is throwing error

When I call this function:

#define STA_SELF_TEST_UUID \
         { 0xd96a5b40, 0xc3e5, 0x21e3, \
          { 0x87, 0x94, 0x10, 0x02, 0xa5, 0xd5, 0xc6, 0x1b } }
TEEC_UUID uuid = STA_SELF_TEST_UUID;

res = TEEC_OpenSession(&ctx, &sess, &uuid,   TEEC_LOGIN_PUBLIC, NULL, NULL, &err_origin);

Error code I am getting is this one.

DEBUG:   [0x0] TEE-CORE:tee_ta_init_static_ta_session:159:    Lookup for Static TA d96a5b40-c3e5-21e3-87941002a5d5c61b
DEBUG:   [0x0] TEE-CORE:tee_ta_open_session:474: init session failed 0xffff0008
DEBUG:   [0x0] TEE-CORE:tee_dispatch_open_session:127:   => Error: ffff0008 of 3

#define TEEC_ERROR_ITEM_NOT_FOUND 0xFFFF0008
I was wondering whether this static TA is not included in Hikey build. How do I check whether this static TA is actually included in trusted os?

I searched for this file "d96a5b40-c3e5-21e3-87941002a5d5c61b.ta" in out directory, but I could find that file.

Thanks in advance,

[toddkuhreng]

So I ran the testcase xtest 1001 that also failed.
So is it a bug in Hikey?

Error I see at secure side is as following:

DEBUG:   [0x0] TEE-CORE:tee_ta_init_static_ta_session:159:    Lookup for Static TA d96a5b40-c3e5-21e3-87941002a5d5c61b
DEBUG:   [0x0] TEE-CORE:tee_ta_open_session:474: init session failed 0xffff000e
DEBUG:   [0x0] TEE-CORE:tee_dispatch_open_session:127:   => Error: ffff000e of 3

But at normal world it prints like following:

hikey:/ # xtest 1001                                                           
Test ID: 1001
Run test suite with level=0

TEE test application started with device [(null)]
######################################################
#
# XTEST_TEE_TEST
#
######################################################

* XTEST_TEE_1001 Core self tests
  XTEST_TEE_1001 OK
+-----------------------------------------------------
Result of testsuite XTEST_TEE_TEST filtered by "1001":
XTEST_TEE_1001 OK
+-----------------------------------------------------
0 subtest of which 0 failed
1 test case of which 0 failed
62 test cases was skipped
TEE test application done!
hikey:/ # 

[vchong]

Try adding CFG_TEE_CORE_EMBED_INTERNAL_TESTS=y https://github.com/OP-TEE/build/blob/master/hikey.mk#L189, i.e.

OPTEE_OS_COMMON_FLAGS += PLATFORM=hikey CFG_TEE_TA_LOG_LEVEL=3 CFG_CONSOLE_UART=$(CFG_SW_CONSOLE_UART)
OPTEE_OS_COMMON_FLAGS += CFG_TEE_CORE_EMBED_INTERNAL_TESTS=y

[toddkuhreng]

@vchong ,

Apparently, it didn't work either. I am starting to wonder whether this is a bug.

So I am working on OPTEE + AOSP. I added CFG_TEE_CORE_EMBED_INTERNAL_TESTS=y to plat-hikey/conf.mk and recompiled everything from scratch.

Then I ran xtest 1001.

And I see following error. Can someone please try this in their Hikey+Android build too?
Thank you so much.

DEBUG:   [0x0] TEE-CORE:tee_ta_init_static_ta_session:159:    Lookup for Static TA d96a5b40-c3e5-21e3-87941002a5d5c61b
DEBUG:   [0x0] TEE-CORE:tee_ta_open_session:474: init session failed 0xffff0008
DEBUG:   [0x0] TEE-CORE:tee_dispatch_open_session:127:   => Error: ffff0008 of 3
DEBUG:   [0x0] TEE-CORE:tee_ta_init_static_ta_session:159:    Lookup for Static TA d96a5b40-c3e5-21e3-87941002a5d5c61b
DEBUG:   [0x0] TEE-CORE:tee_ta_open_session:474: init session failed 0xffff0008
DEBUG:   [0x0] TEE-CORE:tee_dispatch_open_session:127:   => Error: ffff0008 of 3

hikey:/ # xtest 1001                                                           
Test ID: 1001
Run test suite with level=0

TEE test application started with device [(null)]
######################################################
#
# XTEST_TEE_TEST
#
######################################################

* XTEST_TEE_1001 Core self tests
ERR [3136] TEES:load_ta:199:   TA not found

[vchong]

Is d96a5b40-c3e5-21e3-87941002a5d5c61b.ta built when you run your build? If yes, do you see it (or anything else) under /system/lib/optee_armtz/ in your device?

[jforissier]

@vchong it's a "static" TA so it's not in the fileystem ;)

Sorry no AOSP test for me, I'm using my own simplified initramfs build (https://github.com/jforissier/hikey_optee) which is very similar to the "repo" setup described in the OP-TEE documentation. And, I can confirm the static TA runs as expected on HiKey when enabled:

$ make -j9 CFG_TEE_CORE_EMBED_INTERNAL_TESTS=y CFG_TEE_CORE_LOG_LEVEL=3
[...]
$ make flash
[...]
root@HiKey:/ xtest 1001
Test ID: 1001
Run test suite with level=0

TEE test application started with device [(null)]
######################################################
#
# XTEST_TEE_TEST
#
######################################################

* XTEST_TEE_1001 Core self tests
DEBUG:   [0x0] TEE-CORE:tee_ta_init_static_ta_session:159:    Lookup for Static TA d96a5b40-c3e5-21e3-87941002a5d5c61b
DEBUG:   [0x0] TEE-CORE:tee_ta_init_static_ta_session:171:       Open sta_self_tests.ta
DEBUG:   [0x0] TEE-CORE:tee_ta_init_static_ta_session:185:       sta_self_tests.ta : d96a5b40-c3e5-21e3-87941002a5d5c61b
DEBUG:   [0x0] TEE-CORE:create_ta:204: create entry point for static ta "sta_self_tests.ta"
DEBUG:   [0x0] TEE-CORE:open_session:216: open entry point for static ta "sta_self_tests.ta"
DEBUG:   [0x0] TEE-CORE:invoke_command:228: command entry point for static ta "sta_self_tests.ta"
DEBUG:   [0x0] TEE-CORE:tee_ta_close_session:318: tee_ta_close_session(0x3f053f20)
DEBUG:   [0x0] TEE-CORE:tee_ta_close_session:337:    ... Destroy session
DEBUG:   [0x0] TEE-CORE:close_session:222: close entry point for static ta "sta_self_tests.ta"
DEBUG:   [0x0] TEE-CORE:destroy_ta:210: destroy entry point for static ta "sta_self_tests.ta"
DEBUG:   [0x0] TEE-CORE:tee_ta_close_session:358:    ... Destroy TA ctx
  XTEST_TEE_1001 OK
+-----------------------------------------------------
Result of testsuite XTEST_TEE_TEST filtered by "1001":
XTEST_TEE_1001 OK
+-----------------------------------------------------
1 subtest of which 0 failed
1 test case of which 0 failed
723 test cases was skipped
TEE test application done!

[vchong]

@jforissier Oops.. right, sorry, forgot about that.
@toddkuhreng Maybe you can check the build log to see if sta_self_tests.c is built.

[toddkuhreng]

@vchong @jforissier ,

Yes, sta_self_tests.c is built. To test that I added few mistakes to this file and recompiled.
Compiler caught the mistakes and it threw errors. So that means it is built, right?

Is there anything else I am missing. This time I added a new static TA (gpio_sta) too.
and added srcs-y += gpio_sta.c to sub.mk.

That is all what is required, right? Each time I am recompiling everything from scratch and it is taking hours to compile this AOSP code. Is there anyway I can compile only optee_os in AOSP code base?

Sorry, for spamming. I am bit stuck with this. Thanks a lot.

[d3zd3z]

Each time I am recompiling everything from scratch and it is taking hours to compile this AOSP code.

If you just rerun make at the top of the tree, it should mostly only recompile what has changed. Does this not work? Also, if you do:

$ adb remount
$ adb sync

it should sync over just the files that changed, instead of having to reflash the entire system partition.

[toddkuhreng]

@d3zd3z ,

I been flashing all the time after rebuilding the image. So I guess I just have to set the evn variable

export ANDROID_PRODUCT_OUT=/home/todd/android_hikey/out/target/product/hikey/
adb sync

But how about the jumpers? Should I link jumpers 1-2 and 3-4 when I do this "adb sync" ?

[vchong]

No, 1-2 and 3-4 will put you in recovery mode, and you'll never boot to Android. Don't link 3-4.

[toddkuhreng]

@vchong @jforissier ,

I rebuilt everything from scratch with following command:

make -j32 CFG_TEE_CORE_EMBED_INTERNAL_TESTS=y CFG_TEE_CORE_LOG_LEVEL=3

I see sta_self_tests.c and my new static TA is getting compiled. However, I am stuck with the same error:

DEBUG:   [0x0] TEE-CORE:tee_ta_init_static_ta_session:159:    Lookup for Static TA d96a5b40-c3e5-21e3-87941002a5d5c61c
DEBUG:   [0x0] TEE-CORE:tee_ta_open_session:474: init session failed 0xffff0008
DEBUG:   [0x0] TEE-CORE:tee_dispatch_open_session:127:   => Error: ffff0008 of 3
DEBUG:   [0x0] TEE-CORE:tee_ta_init_static_ta_session:159:    Lookup for Static TA d96a5b40-c3e5-21e3-87941002a5d5c61b
DEBUG:   [0x0] TEE-CORE:tee_ta_open_session:474: init session failed 0xffff0008
DEBUG:   [0x0] TEE-CORE:tee_dispatch_open_session:127:   => Error: ffff0008 of 3

hikey:/ # xtest 1001                                                         
Test ID: 1001
Run test suite with level=0

TEE test application started with device [(null)]
######################################################
#
# XTEST_TEE_TEST
#
######################################################

* XTEST_TEE_1001 Core self tests
ERR [2867] TEES:load_ta:199:   TA not found
  XTEST_TEE_1001 OK
+-----------------------------------------------------
Result of testsuite XTEST_TEE_TEST filtered by "1001":
XTEST_TEE_1001 OK
+-----------------------------------------------------
0 subtest of which 0 failed
1 test case of which 0 failed
62 test cases was skipped
TEE test application done!

Any suggestions to fix this? For adding new static TA all I have to do is the following, right?

1. Static TA file in optee_os/core/arch/arm/sta/gpio_sta.c (I just copied sta_self_tests.c and changed the UID)
2. Added srcs-y += gpio_sta.c to sub.mk

Is there anything else I have to do? Is there any other configuration file I have to take care of? I have no clue why is it not working for me. How do I debug this? :(

[d3zd3z]

Remember that the OS isn't built as part of the Android build system, so you have to build (and modify) that outside of the Android build, and ultimately bring it in by copying the fip.bin file from the standalone build into the Android tree (where it expects it, you could also rm the file and make it a symlink to the built one). Aside from the secure OS itself, however, everything else is built within the Android build environment.

So, adding a static TA will need to be done to the optee_os directory in the standalone build, and the use of it will need to be done within the android tree. You'll then want to do something like:

1. within the optee standalone tree, run make with necessary args
2. either copy the arm-trusted-firmware/build/hikey/release/fip.bin into device/linaro/hikey/installer to run the flash script, or flash it yourself with fastboot flash fastboot path/to/fip.bin.
3. Build the android tree by make -j32 at the top of the tree, this should only take a very long time the first time.
4. Either use adb sync, or flash the system image.

[toddkuhreng]

@d3zd3z ,

I am bit confused now. I see an optee_os folder inside the AOSP repo and I thought when I do make from AOSP root directory it will build the changes I made in optee_os (inside AOSP) too. So I was adding static TA inside optee_os inside AOSP and using my old fip.bin because I thought fip.bin is justtrusted firmware image, it doesn't include static TA or optee_os code. Is that wrong?

But if I understand you correctly, I have to

1. keep a separate Hikey repo
2. Add static TA to that repo + changes to optee_os core too
3. build that independent Hikey repo
4. Use the fip.bin from that independent Hikey build to flash the Hikey board

My confusion is this, fip.bin is just trusted firmware image, right? I thought It doesn't include static TA or optee_os? if this is true, how do I make sure changes I made in optee_os will be reflected on my hikey board? Is there any other image other than fip.binthat I should take from independent hikey build? Could you please clarify this for me ? Thank you so much.

[jforissier]

fip.bin does include OP-TEE OS (tee.bin), which itself contains the static TAs (that is why we called them 'static TAs', they are statically linked with the OP-TEE OS kernel).

[toddkuhreng]

aah, that makes lot of sense now :) Let me test this now.
Thank you so much.

[toddkuhreng]

@jforissier ,

I am now trying to check out the hikey build again. However, stuck with the following error:

Fetching projects:  76% (13/17)  Fetching project grub
fatal: unable to connect to git.savannah.gnu.org:
git.savannah.gnu.org[0: 208.118.235.72]: errno=Connection timed out

I tried to check out this Hikey repo couple of times nows. Looks like "http://git.savannah.gnu.org/" is down.

[jforissier]

Yeah it's down for me, too :(
Maybe you can use https://github.com/jforissier/grub instead. It's a fork I made some time ago, the master branch is a snapshot from the official tree dated Apr 6.

[toddkuhreng]

yeah, it worked. Thank you :)