This article is a guideline to OP-TEE trusted application support, which is fully integrated from release 1.7.1.21_MP13-A1 of STM32CubeIDE.
It proposes to create an OP-TEE trusted application project implementing:
- user space executable hello world which makes a call to OP-TEE trusted application
- OP-TEE trusted application itself, with universally unique identifier (a.k.a. UUID) support
1. Prerequisites[edit source]
Minimum hardware
- STM32MP135F-DK-based board
- Linux console
- Ethernet (or Ethernet over USB) for connection to Linux® Cortex®-A
Minimum software
- STM32CubeIDE v1.7.1.21_MP13-A1 installed and
- STM32MP15 project created
- Yocto SDK installed thanks to "Setup OpenSTLinux", root project contextual menu
- Linux project imported thanks to "Import an OpenSTLinux project", root project contextual menu
Yocto SDK is required to built trusted application example and Linux project is used here only to deploy trusted application on the STM32MP13 target.
2. Create a Trusted Application project[edit source]
In the root project context, named "myMp135fDk" here, right-click and select Create an OP-TEE Trusted Application Project.
Project name is given, note that the trusted application project uses by default the SDK version associated to the STM32MP13 project (OpenSTLinux 3.0.0 in this STM32CubeIDE 1.7 version).
Trusted Application type project is created under root project. It contains two repositories for sources:
- "host/", which targets user space executable sources
- and "ta/" corresponding to trusted application sources
3. Build[edit source]
Select your trusted application project, right-click and then Build Project.