This article describes how to develop a Trusted Application for OP-TEE using an OpenSTLinux environment.
1 Starting from an example[edit source]
The simplest way to begin the development of a new OP-TEE Trusted Application is to start from a minimal example. Let's take the hello_world example from the official optee_examples.git repository:
PC $> git clone https://github.com/linaro-swg/optee_examples
2 Build[edit source]
At this point it is assumed OpenSTLinux SDK is installed and set up correctly.
The Trusted Application can be built by running make. For instance with the "hello_world" example:
PC $> make -C optee_examples/hello_world make[1]: Entering directory '…/optee_examples/hello_world/host' [...] make[1]: Leaving directory '…/optee_examples/hello_world/host' make[1]: Entering directory '…/optee_examples/hello_world/ta' [...] make[1]: Leaving directory '…/optee_examples/hello_world/ta'
3 Run[edit source]
Once built, the Trusted Application and its client must be copied onto the running system at the expected location. For instance with the "hello_world" example, using scp:
PC $> scp optee_examples/hello_world/host/optee_example_hello_world root@<board ip address>:/usr/bin PC $> scp optee_examples/hello_world/ta/8aaaf200-2450-11e4-abe2-0002a5d5c51b.ta root@<board ip address>::/lib/optee_armtz/
Now it can be executed easily from the running system:
root@stm32mp1:~# optee_example_hello_world D/TA: TA_CreateEntryPoint:39 has been called D/TA: TA_OpenSessionEntryPoint:68 has been called I/TA: Hello World! Invoking TA to increment 42 D/TA: inc_value:105 has been called I/TA: Got value: 42 from NW I/TA: Increase value to: 43 TA incremented value to 43 I/TA: Goodbye! D/TA: TA_DestroyEntryPoint:50 has been called
4 Going further[edit source]
To get more information on how to develop on OP-TEE Trusted Application, please refer to https://optee.readthedocs.io/en/latest/building/trusted_applications.html