diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e4e933c1..03b6f8df 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -28,20 +28,6 @@ defaults: shell: bash jobs: - # Run test on AMD64 host - test-on-amd64-host: - uses: ./.github/workflows/reuse_test.yml - with: - runs-on: ubuntu-latest - container: ghcr.io/ivila/teaclave-trustzone-sdk-ci-runner:ubuntu-24.04 - - # Run test on ARM64 host - test-on-arm64-host: - uses: ./.github/workflows/reuse_test.yml - with: - runs-on: ubuntu-24.04-arm - container: ghcr.io/ivila/teaclave-trustzone-sdk-ci-runner:ubuntu-24.04 - # Run systest of optee_teec and build systest of optee_utee on ARM64 systest: runs-on: ubuntu-24.04-arm @@ -65,8 +51,28 @@ jobs: (cd optee-teec && cargo run -p systest) (cd optee-utee && cargo build -p systest) - # Test build no-std examples on dev docker container - test-nostd-build-on-dev-docker: + # Test cargo-optee build no-std examples - aarch64 + test-cargo-optee-nostd-aarch64: + runs-on: ubuntu-latest + container: + image: teaclave/teaclave-trustzone-emulator-nostd-expand-memory:latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Setup environment + run: | + # Run entrypoint.sh to set up the bash profile + /entrypoint.sh true + # Install jq for JSON parsing + apt-get update && apt-get install -y jq + - name: Test cargo-optee no-std build (aarch64) + shell: bash -l {0} # Use login shell to load the profile + run: | + # Build using cargo-optee tool with default aarch64 settings + ./ci/build.sh + + # Test cargo-optee build no-std examples - arm32 + test-cargo-optee-nostd-arm32: runs-on: ubuntu-latest container: image: teaclave/teaclave-trustzone-emulator-nostd-expand-memory:latest @@ -77,13 +83,44 @@ jobs: run: | # Run entrypoint.sh to set up the bash profile /entrypoint.sh true - - name: Build no-std and common examples + # Install jq for JSON parsing + apt-get update && apt-get install -y jq + - name: Test cargo-optee no-std build (arm32) shell: bash -l {0} # Use login shell to load the profile run: | - make + # Switch to ARM32 configuration and build + # Note: Explicit environment reload needed for GitHub Actions + # (wrapper function in .bashrc not working for non-interactive shells: docker exec cmd=[...]) + # We can fix this by updating entrypoint.sh to make ~/.profile source ~/.bashrc + switch_config --ta no-std/arm32 && \ + switch_config --host arm32 && \ + source ${TEACLAVE_TOOLCHAIN_BASE}/environment && \ + ./ci/build.sh --ta arm --host arm + + # Test cargo-optee build std examples - aarch64 + test-cargo-optee-std-aarch64: + runs-on: ubuntu-latest + container: + image: teaclave/teaclave-trustzone-emulator-std-expand-memory:latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Setup environment + run: | + # Run entrypoint.sh to set up the bash profile + /entrypoint.sh true + # Install jq for JSON parsing + apt-get update && apt-get install -y jq + - name: Test cargo-optee std build (aarch64) + shell: bash -l {0} # Use login shell to load the profile + run: | + # Link rust directory for std support + ln -s $RUST_STD_DIR rust + # Build using cargo-optee tool with default aarch64 std settings + ./ci/build.sh --std - # Test build std examples on dev docker container - test-std-build-on-dev-docker: + # Test cargo-optee build std examples - arm32 + test-cargo-optee-std-arm32: runs-on: ubuntu-latest container: image: teaclave/teaclave-trustzone-emulator-std-expand-memory:latest @@ -94,11 +131,21 @@ jobs: run: | # Run entrypoint.sh to set up the bash profile /entrypoint.sh true - - name: Build no-std and common examples + # Install jq for JSON parsing + apt-get update && apt-get install -y jq + - name: Test cargo-optee std build (arm32) shell: bash -l {0} # Use login shell to load the profile run: | + # Link rust directory for std support ln -s $RUST_STD_DIR rust - make std-examples + # Switch to ARM32 std configuration and build + # Note: Explicit environment reload needed for GitHub Actions + # (wrapper function in .bashrc not working for non-interactive shells: docker exec cmd=[...]) + # We can fix this by updating entrypoint.sh to make ~/.profile source ~/.bashrc + switch_config --ta std/arm32 && \ + switch_config --host arm32 && \ + source ${TEACLAVE_TOOLCHAIN_BASE}/environment && \ + ./ci/build.sh --ta arm --host arm --std license: runs-on: ubuntu-latest diff --git a/.licenserc.yaml b/.licenserc.yaml index c0456a78..d0c5dc2d 100644 --- a/.licenserc.yaml +++ b/.licenserc.yaml @@ -29,7 +29,7 @@ header: - '**/Cargo.lock' - 'KEYS' - 'DISCLAIMER' - - '*.json' + - '**/*.json' - 'examples/tls_server-rs/ta/test-ca/**' - '**/uuid.txt' - '**/plugin_uuid.txt' diff --git a/Makefile b/Makefile deleted file mode 100644 index 53666979..00000000 --- a/Makefile +++ /dev/null @@ -1,99 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -ifeq ($(O),) -out-dir := $(CURDIR)/out -else -out-dir := $(O) -endif - -bindir ?= /usr/bin -libdir ?= /usr/lib - -ifneq ($V,1) - q := @ - echo := @echo -else - q := - echo := @: -endif -# export 'q', used by sub-makefiles. -export q - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= $(CROSS_COMPILE) -CROSS_COMPILE_TA ?= $(CROSS_COMPILE) -TARGET_HOST ?= $(TARGET) -TARGET_TA ?= $(TARGET) -BUILDER ?= cargo -FEATURES ?= - -.PHONY: all examples std-examples no-std-examples \ - install clean examples-clean help - -ifneq ($(wildcard $(TA_DEV_KIT_DIR)/host_include/conf.mk),) -all: examples -else -all: - $(q)echo "TA_DEV_KIT_DIR is not correctly defined" && false -endif - -# Default examples target - builds no-std examples for backward compatibility -examples: no-std-examples - -# Delegate all examples-related targets to examples/Makefile -std-examples no-std-examples: - $(q)$(MAKE) -C examples $@ TARGET_HOST=$(TARGET_HOST) \ - TARGET_TA=$(TARGET_TA) \ - CROSS_COMPILE_HOST=$(CROSS_COMPILE_HOST) \ - CROSS_COMPILE_TA=$(CROSS_COMPILE_TA) \ - TA_DEV_KIT_DIR=$(TA_DEV_KIT_DIR) \ - OPTEE_CLIENT_EXPORT=$(OPTEE_CLIENT_EXPORT) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -install: examples - $(echo) ' INSTALL ${out-dir}/lib/optee_armtz' - $(q)mkdir -p ${out-dir}/lib/optee_armtz - $(q)find examples/*/ta/target/$(TARGET_TA)/ -name *.ta -exec cp {} ${out-dir}/lib/optee_armtz \; - $(echo) ' INSTALL ${out-dir}${bindir}' - $(q)mkdir -p ${out-dir}${bindir} - $(q)cp examples/*/host/target/$(TARGET_HOST)/release/*-rs ${out-dir}${bindir} - $(echo) ' INSTALL ${out-dir}${libdir}/tee-supplicant/plugins/' - $(q)mkdir -p ${out-dir}${libdir}/tee-supplicant/plugins/ - $(q)find examples/*/plugin/target/$(TARGET_HOST)/ -name *.plugin.so -exec cp {} ${out-dir}${libdir}/tee-supplicant/plugins/ \; - -clean: examples-clean out-clean - -examples-clean: - $(q)$(MAKE) -C examples clean - -out-clean: - rm -rf out - -help: - @echo "Available targets:" - @echo " examples - Build no-std examples (default, backward compatible)" - @echo " std-examples - Build std examples (std-only + common)" - @echo " no-std-examples - Build no-std examples (no-std-only + common)" - @echo " install - Install built examples to out directory" - @echo " clean - Clean all examples and output directory" - @echo "" \ No newline at end of file diff --git a/examples/aes-rs/host/Makefile b/cargo-optee/Cargo.toml similarity index 56% rename from examples/aes-rs/host/Makefile rename to cargo-optee/Cargo.toml index 1e100128..d9322789 100644 --- a/examples/aes-rs/host/Makefile +++ b/cargo-optee/Cargo.toml @@ -15,26 +15,28 @@ # specific language governing permissions and limitations # under the License. -NAME := aes-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean +[package] +name = "cargo-optee" +version = "0.1.0" +authors = ["Teaclave Contributors "] +license = "Apache-2.0" +repository = "https://github.com/apache/teaclave-trustzone-sdk.git" +description = "A cargo subcommand for building OP-TEE Trusted Applications" +edition = "2021" + +[[bin]] +name = "cargo-optee" +path = "src/main.rs" + +[dependencies] +clap = { version = "4.5", features = ["derive"] } +anyhow = "1.0" +cargo_metadata = "0.18" +serde = { version = "1.0", features = ["derive"] } +serde_json = "1.0" +toml = "0.8" +indexmap = "=2.11.4" +env_logger = "0.11" +log = "0.4" +tempfile = "3.8" +dirs = "5.0" diff --git a/cargo-optee/README.md b/cargo-optee/README.md new file mode 100644 index 00000000..cf6b9292 --- /dev/null +++ b/cargo-optee/README.md @@ -0,0 +1,566 @@ +# cargo-optee + +A Cargo subcommand for building OP-TEE Trusted Applications (TAs) and Client Applications (CAs) in Rust. + +## Overview + +`cargo-optee` simplifies the development workflow for OP-TEE applications by replacing complex Makefiles with a unified, type-safe command-line interface. It handles cross-compilation, custom target specifications, environment setup, and signing automatically. + +## High-Level Design + +### Architecture + +``` + ┌──────────────────┐ + │ TA Developer │ + │ (CLI input) │ + └────────┬─────────┘ + │ + ▼ + ┌──────────────────────────────────────────────┐ + │ cargo-optee (this tool) │ + │ │ + │ ┌────────────────────────────────────────┐ │ + │ │ 1. Parse CLI & Validate Parameters │ │ + │ │ - Architecture (aarch64/arm) │ │ + │ │ - Build mode (std/no-std) │ │ + │ │ - Build type (TA/CA/PLUGIN) │ │ + │ └──────────────────┬─────────────────────┘ │ + │ │ │ + │ ┌──────────────────▼─────────────────────┐ │ + │ │ 2. Setup Build Environment │ │ + │ │ - Set environment variables │ │ + │ │ - Configure cross-compiler │ │ + │ └──────────────────┬─────────────────────┘ │ + │ │ │ + │ ┌──────────────────▼─────────────────────┐ │ + │ │ 3. Execute Build Pipeline │ │ + │ │ - Run clippy (linting) │ │ + │ │ - Build binary: cargo/xargo + gcc │ │ + │ │ - Strip symbols: objcopy │ │ + │ │ - Sign TA: Python script (TA only) │ │ + │ └──────────────────┬─────────────────────┘ │ + │ │ │ + └─────────────────────┼────────────────────────┘ + │ + ▼ + ┌──────────────────────────────────────────────┐ + │ Low-Level Tools (dependencies) │ + │ │ + │ - cargo/xargo: Rust compilation │ + │ - gcc: Linking with OP-TEE libraries │ + │ - objcopy: Symbol stripping │ + │ - Python script: TA signing (TA only) │ + │ │ + └──────────────────────────────────────────────┘ +``` + +## Quick Start + +### Installation + +Assume developers have Rust, Cargo, and the gcc toolchain installed and added to PATH (the guide is in future plan). Then install `cargo-optee` using Cargo: + +```bash +cargo install cargo-optee +``` + +## Configuration System + +`cargo-optee` uses a flexible configuration system with the following priority (highest to lowest): + +1. **Command Line Arguments** - Direct CLI flags override everything +2. **Cargo.toml Metadata** - Project-specific configuration in `[package.metadata.optee.*]` sections +3. **Defaults** - Built-in sensible defaults + +This allows projects to define their standard configuration in `Cargo.toml` while still permitting CLI overrides for specific builds. + +### Metadata Configuration + +#### Trusted Application (TA) Metadata + +Configure TA builds in your `Cargo.toml`: + +```toml +[package.metadata.optee.ta] +arch = "aarch64" # Target architecture: "aarch64" | "arm" (optional, default: "aarch64") +debug = false # Debug build: true | false (optional, default: false) +std = false # Use std library: true | false (optional, default: false) +uuid-path = "../uuid.txt" # Path to UUID file (optional, default: "../uuid.txt") +# Architecture-specific configuration (omitted architectures default to null/unsupported) +ta-dev-kit-dir = { + aarch64 = "/opt/optee/export-ta_arm64", + arm = "/opt/optee/export-ta_arm32" +} +signing-key = "/path/to/key.pem" # Path to signing key (optional, defaults to ta-dev-kit/keys/default_ta.pem) +``` + +**Allowed entries:** +- `arch`: Target architecture (`"aarch64"` or `"arm"`) +- `debug`: Build in debug mode (`true` or `false`) +- `std`: Enable std library support (`true` or `false`) +- `uuid-path`: Relative or absolute path to UUID file +- `ta-dev-kit-dir`: Architecture-specific paths to TA development kit (required) +- `signing-key`: Path to signing key file + +#### Client Application (CA) Metadata + +Configure CA builds in your `Cargo.toml`: + +```toml +[package.metadata.optee.ca] +arch = "aarch64" # Target architecture: "aarch64" | "arm" (optional, default: "aarch64") +debug = false # Debug build: true | false (optional, default: false) +# Architecture-specific configuration +optee-client-export = { + aarch64 = "/opt/optee/export-client_arm64" // if your CA only supports aarch64, you can omit arm +} +``` + +**Allowed entries:** +- `arch`: Target architecture (`"aarch64"` or `"arm"`) +- `debug`: Build in debug mode (`true` or `false`) +- `optee-client-export`: Architecture-specific paths to OP-TEE client export (required) + +#### Plugin Metadata + +Configure plugin builds in your `Cargo.toml`: + +```toml +[package.metadata.optee.plugin] +arch = "aarch64" # Target architecture: "aarch64" | "arm" (optional, default: "aarch64") +debug = false # Debug build: true | false (optional, default: false) +uuid-path = "../plugin_uuid.txt" # Path to UUID file (required for plugins) +# Architecture-specific configuration +optee-client-export = { + aarch64 = "/opt/optee/export-client_arm64", + arm = "/opt/optee/export-client_arm32" +} +``` + +**Allowed entries:** +- `arch`: Target architecture (`"aarch64"` or `"arm"`) +- `debug`: Build in debug mode (`true` or `false`) +- `uuid-path`: Relative or absolute path to UUID file (required for plugins) +- `optee-client-export`: Architecture-specific paths to OP-TEE client export (required) + +### Project Structure + +Cargo-optee expects the following project structure by default. + +``` +project/ +├── uuid.txt # TA UUID +├── ta/ # Trusted Application +│ ├── Cargo.toml +│ ├── src/ +│ │ └── main.rs +│ └── build.rs # Build script +├── host/ # Client Application (host) +│ ├── Cargo.toml +│ ├── src/ +│ │ └── main.rs +└── proto/ # Shared definitions such as TA command IDs and TA UUID + ├── Cargo.toml + └── src/ + └── lib.rs +``` + +See examples in the SDK for reference, such as `hello_world-rs`. +The `cargo new` command (planned, not yet available) will generate a project template with this structure. For now, copy an existing example as a starting point. + +### Build Commands + +#### Build Trusted Application (TA) + +```bash +cargo-optee build ta \ + --ta-dev-kit-dir \ + [--manifest-path ] \ + [--arch aarch64|arm] \ + [--std] \ + [--signing-key ] \ + [--uuid-path ] \ + [--debug] +``` + +**Required:** +- `--ta-dev-kit-dir `: Path to OP-TEE TA development kit (available after building OP-TEE OS), user must provide this for building TAs. + +**Optional:** +- `--manifest-path `: Path to Cargo.toml manifest file +- `--arch `: Target architecture (default: `aarch64`) + - `aarch64`: ARM 64-bit architecture + - `arm`: ARM 32-bit architecture +- `--std`: Build with std support (uses xargo and custom target) +- `--signing-key `: Path to signing key (default: `/keys/default_ta.pem`) +- `--uuid-path `: Path to UUID file (default: `../uuid.txt`) +- `--debug`: Build in debug mode (default: release mode) + +**Example:** +```bash +# Build aarch64 TA with std support +cargo-optee build ta \ + --ta-dev-kit-dir /opt/optee/export-ta_arm64 \ + --manifest-path ./examples/hello_world-rs/ta/Cargo.toml \ + --arch aarch64 \ + --std + +# Build arm TA without std (no-std) +cargo-optee build ta \ + --ta-dev-kit-dir /opt/optee/export-ta_arm32 \ + --manifest-path ./ta/Cargo.toml \ + --arch arm +``` + +**Output:** +- TA binary: `target//release/.ta` +- Intermediate files in `target/` directory + +#### Build Client Application (CA) + +```bash +cargo-optee build ca \ + --optee-client-export \ + [--manifest-path ] \ + [--arch aarch64|arm] \ + [--debug] +``` + +**Required:** +- `--optee-client-export `: Path to OP-TEE client library directory (available after building OP-TEE client), user must provide this for building CAs. + +**Optional:** +- `--manifest-path `: Path to Cargo.toml manifest file +- `--arch `: Target architecture (default: `aarch64`) +- `--debug`: Build in debug mode (default: release mode) + +**Example:** +```bash +# Build aarch64 client application +cargo-optee build ca \ + --optee-client-export /opt/optee/export-client \ + --manifest-path ./examples/hello_world-rs/host/Cargo.toml \ + --arch aarch64 +``` + +**Output:** +- CA binary: `target//release/` + +#### Build Plugin + +We have one example for plugin: `supp_plugin-rs/plugin`. + +```bash +cargo-optee build plugin \ + --optee-client-export \ + --uuid-path \ + [--manifest-path ] \ + [--arch aarch64|arm] \ + [--debug] +``` + +**Required:** +- `--optee-client-export `: Path to OP-TEE client library directory (available after building OP-TEE client), user must provide this for building plugins. +- `--uuid-path `: Path to UUID file for naming the plugin + +**Optional:** +- `--manifest-path `: Path to Cargo.toml manifest file +- `--arch `: Target architecture (default: `aarch64`) +- `--debug`: Build in debug mode (default: release mode) + +**Example:** +```bash +# Build aarch64 plugin +cargo-optee build plugin \ + --optee-client-export /opt/optee/export-client \ + --manifest-path ./examples/supp_plugin-rs/plugin/Cargo.toml \ + --uuid-path ./examples/supp_plugin-rs/plugin_uuid.txt \ + --arch aarch64 +``` + +**Output:** +- Plugin binary: `target//release/.plugin.so` + +### Usage Workflows (including future design) + +#### Development/Emulation Environment + +For development and emulation, developers would like to build the one project and deploy to a target filesystem (e.g. QEMU shared folder) quickly. Frequent builds and quick rebuilds are common. + +**Using CLI arguments:** +```bash +# 1. Create new project (future) +cargo-optee new my_app +cd my_app + +# 2. Build TA and CA +cargo-optee build ta \ + --ta-dev-kit-dir $TA_DEV_KIT_DIR \ + --manifest-path ./ta/Cargo.toml \ + --arch aarch64 \ + --std + +cargo-optee build ca \ + --optee-client-export $OPTEE_CLIENT_EXPORT \ + --manifest-path ./host/Cargo.toml \ + --arch aarch64 + +# 3. Install to specific folder (future), e.g. QEMU shared folder for emulation +cargo-optee install --target /tmp/qemu-shared-folder +``` + +**Using metadata configuration:** +```bash +# 1. Configure once in Cargo.toml files, then simple builds +cd ta && cargo-optee build ta +cd ../host && cargo-optee build ca + +# 2. Override specific parameters when needed +cd ta && cargo-optee build ta --debug # Override to debug build +cd host && cargo-optee build ca --arch arm # Override architecture +``` + +#### Production/CI Environment + +For production and CI environments, artifacts should be cleaned up after successful builds. It can help to avoid storage issues on CI runners. + +**Automated Build Pipeline:** +```bash +#!/bin/bash +# CI build script + +set -e + +# Build TA (release mode) +cargo-optee build ta \ + --ta-dev-kit-dir $TA_DEV_KIT_DIR \ + --manifest-path ./ta/Cargo.toml \ + --arch aarch64 \ + --std \ + --signing-key ./keys/production.pem + +# Build CA (release mode) +cargo-optee build ca \ + --optee-client-export $OPTEE_CLIENT_EXPORT \ + --manifest-path ./host/Cargo.toml \ + --arch aarch64 + +# Install to staging area (future) +cargo-optee install --target ./dist + +# Clean build artifacts to save space (future) +cargo-optee clean --all +``` + +## Implementation Status + +| Feature | Status | Notes | +|---------|--------|-------| +| `build ta` | ✅ Implemented | Supports aarch64/arm, std/no-std | +| `build ca` | ✅ Implemented | Supports aarch64/arm | +| `build plugin` | ✅ Implemented | Supports aarch64/arm, builds shared library plugins | +| `new` | ⏳ Planned | Project scaffolding | +| `install` | ⏳ Planned | Deploy to target filesystem | +| `clean` | ⏳ Planned | Remove build artifacts | +| `clean` | ⏳ Planned | Remove build artifacts | + +----- +## Appendix + +### Complete Parameter Reference + +#### Command Convention: User Input to Cargo Commands + +##### Example 1: Build aarch64 no-std TA + +**User Input:** +```bash +cargo-optee build ta \ + --ta-dev-kit-dir /opt/optee/export-ta_arm64 \ + --manifest-path ./ta/Cargo.toml \ + --arch aarch64 +``` + +**cargo-optee translates to:** +```bash +# 1. Clippy +cd ./ta +TA_DEV_KIT_DIR=/opt/optee/export-ta_arm64 \ +RUSTFLAGS="-C panic=abort" \ +cargo clippy --target aarch64-unknown-linux-gnu --release + +# 2. Build +TA_DEV_KIT_DIR=/opt/optee/export-ta_arm64 \ +RUSTFLAGS="-C panic=abort" \ +cargo build --target aarch64-unknown-linux-gnu --release \ + --manifest-path ./ta/Cargo.toml \ + --config target.aarch64-unknown-linux-gnu.linker="aarch64-linux-gnu-gcc" + +# 3. Strip +aarch64-linux-gnu-objcopy --strip-unneeded \ + target/aarch64-unknown-linux-gnu/release/ta \ + target/aarch64-unknown-linux-gnu/release/stripped_ta + +# 4. Sign +python3 /opt/optee/export-ta_arm64/scripts/sign_encrypt.py \ + --uuid \ + --key /opt/optee/export-ta_arm64/keys/default_ta.pem \ + --in target/aarch64-unknown-linux-gnu/release/stripped_ta \ + --out target/aarch64-unknown-linux-gnu/release/.ta +``` + +#### Example 2: Build arm std TA + +**User Input:** +```bash +cargo-optee build ta \ + --ta-dev-kit-dir /opt/optee/export-ta_arm32 \ + --manifest-path ./ta/Cargo.toml \ + --arch arm \ + --std +``` + +**cargo-optee translates to:** +```bash +# 1. Clippy +cd ./ta +TA_DEV_KIT_DIR=/opt/optee/export-ta_arm32 \ +RUSTFLAGS="-C panic=abort" \ +RUST_TARGET_PATH=/tmp/cargo-optee-XXXXX \ +xargo clippy --target arm-unknown-optee --features std --release \ + --manifest-path ./ta/Cargo.toml + +# 2. Build +TA_DEV_KIT_DIR=/opt/optee/export-ta_arm32 \ +RUSTFLAGS="-C panic=abort" \ +RUST_TARGET_PATH=/tmp/cargo-optee-XXXXX \ +xargo build --target arm-unknown-optee --features std --release \ + --manifest-path ./ta/Cargo.toml \ + --config target.arm-unknown-optee.linker="arm-linux-gnueabihf-gcc" + +# 3. Strip +arm-linux-gnueabihf-objcopy --strip-unneeded \ + target/arm-unknown-optee/release/ta \ + target/arm-unknown-optee/release/stripped_ta + +# 4. Sign +python3 /opt/optee/export-ta_arm32/scripts/sign_encrypt.py \ + --uuid \ + --key /opt/optee/export-ta_arm32/keys/default_ta.pem \ + --in target/arm-unknown-optee/release/stripped_ta \ + --out target/arm-unknown-optee/release/.ta +``` + +**Note:** `/tmp/cargo-optee-XXXXX` is a temporary directory containing the embedded `arm-unknown-optee.json` target specification. + +##### Example 3: Build aarch64 CA (Client Application) + +**User Input:** +```bash +cargo-optee build ca \ + --optee-client-export /opt/optee/export-client \ + --manifest-path ./host/Cargo.toml +``` + +**cargo-optee translates to:** +```bash +# 1. Clippy +cd ./host +OPTEE_CLIENT_EXPORT=/opt/optee/export-client \ +cargo clippy --target aarch64-unknown-linux-gnu \ + --manifest-path ./host/Cargo.toml + +# 2. Build +OPTEE_CLIENT_EXPORT=/opt/optee/export-client \ +cargo build --target aarch64-unknown-linux-gnu --release \ + --manifest-path ./host/Cargo.toml \ + --config target.aarch64-unknown-linux-gnu.linker="aarch64-linux-gnu-gcc" + +# 3. Strip +aarch64-linux-gnu-objcopy --strip-unneeded \ + target/aarch64-unknown-linux-gnu/release/ \ + target/aarch64-unknown-linux-gnu/release/ +``` + +#### Build Command Convention: Cargo to Low-Level Tools + +This section explains how cargo orchestrates low-level tools to build the TA ELF binary. We use an aarch64 no-std TA as an example. + +**Dependency Structure:** +``` +ta +├── depends on: optee_utee (Rust API for OP-TEE TAs) +│ └── depends on: optee_utee_sys (FFI bindings to OP-TEE C API) +│ └── build.rs: outputs cargo:rustc-link-* directives +│ Links with C libraries from TA_DEV_KIT_DIR/lib/: +│ - libutee.a (OP-TEE user-space TA API) +│ - libutils.a (utility functions) +│ - libmbedtls.a (crypto library) +└── build.rs: uses optee_utee_build crate to: + - Configure TA properties (UUID, stack size, etc.) + - Generate TA header file (user_ta_header.rs) + - Output link directives +``` + +**Build Flow:** + +**Step 1: cargo-optee invokes cargo** + +(As shown in the previous section) +```bash +TA_DEV_KIT_DIR=/opt/optee/export-ta_arm64 \ +RUSTFLAGS="-C panic=abort" \ +cargo build --target aarch64-unknown-linux-gnu --release \ + --config target.aarch64-unknown-linux-gnu.linker="aarch64-linux-gnu-gcc" +``` + +**Step 2: cargo prepares environment and invokes build scripts** + +Cargo automatically sets these environment variables: +- `TARGET=aarch64-unknown-linux-gnu` +- `PROFILE=release` +- `OUT_DIR=target/aarch64-unknown-linux-gnu/release/build/ta-/out` +- `RUSTC_LINKER=aarch64-linux-gnu-gcc` (from `--config` flag) + +Cargo inherits from cargo-optee: +- `TA_DEV_KIT_DIR=/opt/optee/export-ta_arm64` +- `RUSTFLAGS="-C panic=abort"` + +Cargo then executes build scripts in dependency order to set up the build directives: + +1. **`optee_utee_sys/build.rs`** + - Requires: `TA_DEV_KIT_DIR` + - Outputs `cargo:rustc-link-*` directives to link C libraries: + ``` + cargo:rustc-link-search={TA_DEV_KIT_DIR}/lib + cargo:rustc-link-lib=static=utee + cargo:rustc-link-lib=static=utils + cargo:rustc-link-lib=static=mbedtls + ``` + +2. **`ta/build.rs`** → calls **`optee_utee_build`** crate + - Requires: `TA_DEV_KIT_DIR`, `TARGET`, `OUT_DIR`, `RUSTC_LINKER` + - Optional: `CARGO_PKG_VERSION`, `CARGO_PKG_DESCRIPTION` (for automatic TA config) + - Actions: + 1. Generates TA manifest (`user_ta_header.rs`) with TA properties + 2. Outputs linker directives based on target architecture and linker type + +**Step 3: rustc compiles Rust source code** + +Rustc receives: +- Target triple: `--target aarch64-unknown-linux-gnu` +- Compiler flags: `-C panic=abort` (from `RUSTFLAGS`) +- Profile: `release` +- All link directives from build scripts + +Produces: `.rlib` files and object files (`.o`) + +**Step 4: gcc linker links final binary** + +The linker (specified by `RUSTC_LINKER=aarch64-linux-gnu-gcc`) links: +- Rust object files (`.o`) +- OP-TEE C static libraries: `libutee.a`, `libutils.a`, `libmbedtls.a` +- Using linker script: `ta.lds` + +**Output:** ELF binary at `target/aarch64-unknown-linux-gnu/release/ta` diff --git a/cargo-optee/aarch64-unknown-optee.json b/cargo-optee/aarch64-unknown-optee.json new file mode 100644 index 00000000..34c36960 --- /dev/null +++ b/cargo-optee/aarch64-unknown-optee.json @@ -0,0 +1,21 @@ +{ + "arch": "aarch64", + "data-layout": "e-m:e-i8:8:32-i16:16:32-i64:64-i128:128-n32:64-S128", + "features": "+strict-align", + "dynamic-linking": false, + "executables": true, + "has-rpath": true, + "linker-flavor": "ld", + "linker-is-gnu": true, + "llvm-target": "aarch64-unknown-linux-gnu", + "max-atomic-width": 128, + "os": "optee", + "position-independent-executables": true, + "relro-level": "full", + "target-c-int-width": "32", + "target-endian": "little", + "target-pointer-width": "64", + "vendor": "unknown", + "panic-strategy": "abort" + } + \ No newline at end of file diff --git a/cargo-optee/arm-unknown-optee.json b/cargo-optee/arm-unknown-optee.json new file mode 100644 index 00000000..79cf1257 --- /dev/null +++ b/cargo-optee/arm-unknown-optee.json @@ -0,0 +1,21 @@ +{ + "arch": "arm", + "data-layout": "e-m:e-p:32:32-Fi8-i64:64-v128:64:128-a:0:32-n32-S64", + "dynamic-linking": false, + "executables": true, + "features": "+strict-align,+v6,+vfp2", + "has-rpath": true, + "linker-flavor": "ld", + "linker-is-gnu": true, + "llvm-target": "arm-unknown-linux-gnueabihf", + "max-atomic-width": 64, + "os": "optee", + "position-independent-executables": true, + "relro-level": "full", + "target-c-int-width": "32", + "target-endian": "little", + "target-pointer-width": "32", + "vendor": "unknown", + "panic-strategy": "abort", + "singlethread": true +} diff --git a/cargo-optee/src/ca_builder.rs b/cargo-optee/src/ca_builder.rs new file mode 100644 index 00000000..27e8779a --- /dev/null +++ b/cargo-optee/src/ca_builder.rs @@ -0,0 +1,281 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +use anyhow::{bail, Result}; +use std::path::PathBuf; +use std::process::Command; + +use crate::common::{ + find_target_directory, get_target_and_cross_compile, print_cargo_command, + print_output_and_bail, read_uuid_from_file, Arch, ChangeDirectoryGuard, +}; + +#[derive(Clone)] +pub struct CaBuildConfig { + pub arch: Arch, // Architecture + pub optee_client_export: PathBuf, // Path to OP-TEE client export + pub debug: bool, // Debug mode (default false = release) + pub path: PathBuf, // Path to CA directory + pub plugin: bool, // Build as plugin (shared library) + pub uuid_path: Option, // Path to UUID file (for plugins) + // Customized variables + pub env: Vec<(String, String)>, // Custom environment variables for cargo build + pub no_default_features: bool, // Disable default features + pub features: Option, // Additional features to enable +} + +// Main function to build the CA, optionally installing to a target directory +pub fn build_ca(config: CaBuildConfig, install_dir: Option<&std::path::Path>) -> Result<()> { + // Change to the CA directory + let _guard = ChangeDirectoryGuard::new(&config.path)?; + + let component_type = if config.plugin { "Plugin" } else { "CA" }; + // Get the absolute path for better clarity + let absolute_path = std::fs::canonicalize(&config.path).unwrap_or_else(|_| config.path.clone()); + println!( + "Building {} in directory: {}", + component_type, + absolute_path.display() + ); + + // Step 1: Run clippy for code quality checks + run_clippy(&config)?; + + // Step 2: Build the CA + build_binary(&config)?; + + // Step 3: Post-build processing (strip for binaries, copy for plugins) + let final_binary = post_build(&config)?; + + // Print the final binary path with descriptive prompt + let absolute_final_binary = final_binary + .canonicalize() + .unwrap_or_else(|_| final_binary.clone()); + if config.plugin { + println!("Plugin copied to: {}", absolute_final_binary.display()); + } else { + println!( + "CA binary stripped and saved to: {}", + absolute_final_binary.display() + ); + } + + // Step 4: Install if requested + if let Some(install_dir) = install_dir { + use std::fs; + + // Check if install directory exists + if !install_dir.exists() { + bail!("Install directory does not exist: {:?}", install_dir); + } + + // Get package name from the final binary path + let package_name = final_binary + .file_name() + .and_then(|name| name.to_str()) + .ok_or_else(|| anyhow::anyhow!("Could not get binary name"))?; + + // Copy binary to install directory + let dest_path = install_dir.join(package_name); + fs::copy(&final_binary, &dest_path)?; + + println!( + "{} installed to: {:?}", + component_type, + dest_path.canonicalize().unwrap_or(dest_path) + ); + } + + println!("{} build successfully!", component_type); + + Ok(()) +} + +fn run_clippy(config: &CaBuildConfig) -> Result<()> { + println!("Running cargo fmt and clippy..."); + + // Run cargo fmt + let fmt_output = Command::new("cargo").arg("fmt").output()?; + + if !fmt_output.status.success() { + print_output_and_bail("cargo fmt", &fmt_output)?; + } + + // Determine target based on arch + let (target, _cross_compile) = get_target_and_cross_compile(config.arch); + + let mut clippy_cmd = Command::new("cargo"); + clippy_cmd.arg("clippy"); + clippy_cmd.arg("--target").arg(&target); + + // Set OPTEE_CLIENT_EXPORT environment variable for build scripts + clippy_cmd.env("OPTEE_CLIENT_EXPORT", &config.optee_client_export); + + clippy_cmd.arg("--"); + clippy_cmd.arg("-D").arg("warnings"); + clippy_cmd.arg("-D").arg("clippy::unwrap_used"); + clippy_cmd.arg("-D").arg("clippy::expect_used"); + clippy_cmd.arg("-D").arg("clippy::panic"); + + let clippy_output = clippy_cmd.output()?; + + if !clippy_output.status.success() { + print_output_and_bail("clippy", &clippy_output)?; + } + + Ok(()) +} + +fn build_binary(config: &CaBuildConfig) -> Result<()> { + let component_type = if config.plugin { "Plugin" } else { "CA" }; + println!("Building {} binary...", component_type); + + // Determine target and cross-compile based on arch + let (target, cross_compile) = get_target_and_cross_compile(config.arch); + + let mut build_cmd = Command::new("cargo"); + build_cmd.arg("build"); + build_cmd.arg("--target").arg(&target); + + // Add --no-default-features if specified + if config.no_default_features { + build_cmd.arg("--no-default-features"); + } + + // Add additional features if specified + if let Some(ref features) = config.features { + build_cmd.arg("--features").arg(features); + } + + if !config.debug { + build_cmd.arg("--release"); + } + + // Configure linker + let linker = format!("{}gcc", cross_compile); + let linker_cfg = format!("target.{}.linker=\"{}\"", target, linker); + build_cmd.arg("--config").arg(&linker_cfg); + + // Set OPTEE_CLIENT_EXPORT environment variable + build_cmd.env("OPTEE_CLIENT_EXPORT", &config.optee_client_export); + + // Apply custom environment variables + for (key, value) in &config.env { + build_cmd.env(key, value); + } + + // Print the full cargo build command for debugging + print_cargo_command(&build_cmd, "Building CA binary"); + + let build_output = build_cmd.output()?; + + if !build_output.status.success() { + print_output_and_bail("build", &build_output)?; + } + + Ok(()) +} + +fn post_build(config: &CaBuildConfig) -> Result { + if config.plugin { + copy_plugin(config) + } else { + strip_binary(config) + } +} + +fn copy_plugin(config: &CaBuildConfig) -> Result { + println!("Processing plugin..."); + + // Determine target based on arch + let (target, _cross_compile) = get_target_and_cross_compile(config.arch); + + let profile = if config.debug { "debug" } else { "release" }; + + // Use Cargo's workspace discovery strategy to find target directory + let workspace_target_dir = find_target_directory()?; + let target_dir = workspace_target_dir.join(target).join(profile); + + // Get the library name from Cargo.toml + let cargo_toml = std::fs::read_to_string("Cargo.toml")?; + let lib_name = cargo_toml + .lines() + .find(|line| line.trim().starts_with("name")) + .and_then(|line| line.split('=').nth(1)) + .map(|s| s.trim().trim_matches('"')) + .ok_or_else(|| anyhow::anyhow!("Could not find package name in Cargo.toml"))?; + + // Plugin is built as a shared library (lib.so) + let plugin_src = target_dir.join(format!("lib{}.so", lib_name)); + + if !plugin_src.exists() { + bail!("Plugin library not found at {:?}", plugin_src); + } + + // Read UUID from specified file + let uuid = read_uuid_from_file( + config + .uuid_path + .as_ref() + .ok_or_else(|| anyhow::anyhow!("UUID path is required for plugin builds"))?, + )?; + + // Copy to .plugin.so + let plugin_dest = target_dir.join(format!("{}.plugin.so", uuid)); + std::fs::copy(&plugin_src, &plugin_dest)?; + + Ok(plugin_dest) +} + +fn strip_binary(config: &CaBuildConfig) -> Result { + println!("Stripping binary..."); + + // Determine target based on arch + let (target, cross_compile) = get_target_and_cross_compile(config.arch); + + let profile = if config.debug { "debug" } else { "release" }; + let target_dir = PathBuf::from("target").join(target).join(profile); + + // Get the binary name from Cargo.toml + let cargo_toml = std::fs::read_to_string("Cargo.toml")?; + let binary_name = cargo_toml + .lines() + .find(|line| line.trim().starts_with("name")) + .and_then(|line| line.split('=').nth(1)) + .map(|s| s.trim().trim_matches('"')) + .ok_or_else(|| anyhow::anyhow!("Could not find package name in Cargo.toml"))?; + + let binary_path = target_dir.join(binary_name); + + if !binary_path.exists() { + bail!("Binary not found at {:?}", binary_path); + } + + let objcopy = format!("{}objcopy", cross_compile); + + let strip_output = Command::new(&objcopy) + .arg("--strip-unneeded") + .arg(&binary_path) + .arg(&binary_path) // Strip in place + .output()?; + + if !strip_output.status.success() { + print_output_and_bail(&objcopy, &strip_output)?; + } + + Ok(binary_path) +} diff --git a/cargo-optee/src/common.rs b/cargo-optee/src/common.rs new file mode 100644 index 00000000..aaa1d77c --- /dev/null +++ b/cargo-optee/src/common.rs @@ -0,0 +1,199 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +use anyhow::{bail, Result}; +use clap::ValueEnum; +use std::env; +use std::fs; +use std::path::PathBuf; +use std::process::{Command, Output}; +use toml::Value; + +/// Target architecture for building +#[derive(Debug, Clone, Copy, ValueEnum, PartialEq)] +pub enum Arch { + /// ARM 64-bit architecture + Aarch64, + /// ARM 32-bit architecture + Arm, +} + +impl std::str::FromStr for Arch { + type Err = String; + + fn from_str(s: &str) -> Result { + match s.to_lowercase().as_str() { + "aarch64" | "arm64" => Ok(Arch::Aarch64), + "arm" | "arm32" => Ok(Arch::Arm), + _ => Err(format!("Invalid architecture: {}", s)), + } + } +} + +/// Helper function to print command output and return error +pub fn print_output_and_bail(cmd_name: &str, output: &Output) -> Result<()> { + eprintln!( + "{} stdout: {}", + cmd_name, + String::from_utf8_lossy(&output.stdout) + ); + eprintln!( + "{} stderr: {}", + cmd_name, + String::from_utf8_lossy(&output.stderr) + ); + bail!( + "{} failed with exit code: {:?}", + cmd_name, + output.status.code() + ) +} + +/// Helper function to derive target and cross-compile prefix from arch +pub fn get_target_and_cross_compile(arch: Arch) -> (String, String) { + match arch { + Arch::Arm => ( + "arm-unknown-linux-gnueabihf".to_string(), + "arm-linux-gnueabihf-".to_string(), + ), + Arch::Aarch64 => ( + "aarch64-unknown-linux-gnu".to_string(), + "aarch64-linux-gnu-".to_string(), + ), + } +} + +/// RAII guard to ensure we return to the original directory +pub struct ChangeDirectoryGuard { + original: PathBuf, +} + +impl ChangeDirectoryGuard { + pub fn new(new_dir: &PathBuf) -> Result { + let original = env::current_dir()?; + env::set_current_dir(new_dir)?; + Ok(Self { original }) + } +} + +impl Drop for ChangeDirectoryGuard { + fn drop(&mut self) { + let _ = env::set_current_dir(&self.original); + } +} + +/// Print cargo command for debugging +pub fn print_cargo_command(cmd: &Command, description: &str) { + println!("{}...", description); + + // Extract program and args + let program = cmd.get_program(); + let args: Vec<_> = cmd.get_args().collect(); + + // Extract all environment variables + let envs: Vec = cmd + .get_envs() + .filter_map(|(k, v)| match (k.to_str(), v.and_then(|v| v.to_str())) { + (Some(key), Some(value)) => Some(format!("{}={}", key, value)), + _ => None, + }) + .collect(); + + // Print environment variables + if !envs.is_empty() { + println!(" Environment: {}", envs.join(" ")); + } + + // Print command + println!( + " Command: {} {}", + program.to_string_lossy(), + args.into_iter() + .map(|s| s.to_string_lossy()) + .collect::>() + .join(" ") + ); +} + +/// Find the target directory using Cargo's workspace discovery strategy +/// Start from current directory and walk up looking for workspace root +pub fn find_target_directory() -> Result { + let mut current_dir = env::current_dir()?; + + loop { + // Check if current directory has a Cargo.toml that declares a workspace + let cargo_toml_path = current_dir.join("Cargo.toml"); + if cargo_toml_path.exists() { + let cargo_toml_content = fs::read_to_string(&cargo_toml_path)?; + if let Ok(cargo_toml) = toml::from_str::(&cargo_toml_content) { + // If this Cargo.toml has a [workspace] section, this is the workspace root + if cargo_toml.get("workspace").is_some() { + return Ok(current_dir.join("target")); + } + } + } + + // Move to parent directory + if let Some(parent) = current_dir.parent() { + current_dir = parent.to_path_buf(); + } else { + // Reached filesystem root, no workspace found + // Use target directory in the original crate directory + return Ok(env::current_dir()?.join("target")); + } + } +} + +/// Read UUID from a file (e.g., uuid.txt) +pub fn read_uuid_from_file(uuid_path: &std::path::Path) -> Result { + if !uuid_path.exists() { + bail!("UUID file not found: {}", uuid_path.display()); + } + + let uuid_content = fs::read_to_string(uuid_path)?; + let uuid = uuid_content.trim().to_string(); + + if uuid.is_empty() { + bail!("UUID file is empty: {}", uuid_path.display()); + } + + Ok(uuid) +} + +/// Clean build artifacts for any OP-TEE component (TA, CA, Plugin) +pub fn clean_project(project_path: &std::path::Path) -> Result<()> { + println!("Cleaning build artifacts in: {:?}", project_path); + + let output = Command::new("cargo") + .arg("clean") + .current_dir(project_path) + .output()?; + + if !output.status.success() { + print_output_and_bail("cargo clean", &output)?; + } + + // Also clean the intermediate cargo-optee directory if it exists + let intermediate_dir = project_path.join("target").join("cargo-optee"); + if intermediate_dir.exists() { + fs::remove_dir_all(&intermediate_dir)?; + println!("Removed intermediate directory: {:?}", intermediate_dir); + } + + println!("Build artifacts cleaned successfully"); + Ok(()) +} diff --git a/cargo-optee/src/config.rs b/cargo-optee/src/config.rs new file mode 100644 index 00000000..4ba859c3 --- /dev/null +++ b/cargo-optee/src/config.rs @@ -0,0 +1,637 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +use anyhow::{bail, Result}; +use cargo_metadata::MetadataCommand; +use serde_json::Value; +use std::path::{Path, PathBuf}; + +use crate::common::Arch; + +/// Build configuration that can be discovered from proto metadata +#[derive(Debug, Clone)] +pub struct BuildConfig { + pub arch: Arch, + pub debug: bool, + pub std: bool, + pub ta_dev_kit_dir: Option, + pub optee_client_export: Option, + pub signing_key: Option, + pub uuid_path: Option, + /// additional environment key-value pairs, that should be passed to underlying + /// build commands + pub env: Vec<(String, String)>, +} + +impl BuildConfig { + /// Create a new build config by resolving parameters with priority: + /// 1. Command line arguments (highest priority) + /// 2. [package.metadata.optee.] in Cargo.toml + /// 3. Default values or error for mandatory parameters + #[allow(clippy::too_many_arguments)] + pub fn resolve( + project_path: &Path, + component_type: &str, // "ta", "ca", or "plugin" + cmd_arch: Option, + cmd_debug: Option, + cmd_std: Option, + cmd_ta_dev_kit_dir: Option, + cmd_optee_client_export: Option, + cmd_signing_key: Option, + cmd_uuid_path: Option, + ) -> Result { + // Try to find application metadata (optional) + let app_metadata = discover_app_metadata(project_path).ok(); + + // Try to get metadata config if available + let metadata_config = app_metadata + .as_ref() + .and_then(|meta| extract_build_config_from_metadata(meta, component_type).ok()); + + // Resolve architecture with priority: CLI > metadata > default + let arch = cmd_arch + .or_else(|| metadata_config.as_ref().map(|m| m.arch)) + .unwrap_or(Arch::Aarch64); + + // Re-resolve metadata with the final architecture if it was overridden + let final_metadata_config = if let Some(ref app_meta) = app_metadata { + if cmd_arch.is_some() && cmd_arch != metadata_config.as_ref().map(|m| m.arch) { + extract_build_config_with_arch(app_meta, arch, component_type).ok() + } else { + metadata_config + } + } else { + None + }; + + // Resolve parameters with priority: CLI > metadata > default + let debug = cmd_debug + .or_else(|| final_metadata_config.as_ref().map(|m| m.debug)) + .unwrap_or(false); + + let std = cmd_std + .or_else(|| final_metadata_config.as_ref().map(|m| m.std)) + .unwrap_or(false); + + // Resolve library paths with priority: CLI > metadata > None + let ta_dev_kit_dir = cmd_ta_dev_kit_dir.or_else(|| { + final_metadata_config + .as_ref() + .and_then(|m| m.ta_dev_kit_dir.clone()) + }); + + let optee_client_export = cmd_optee_client_export.or_else(|| { + final_metadata_config + .as_ref() + .and_then(|m| m.optee_client_export.clone()) + }); + + let signing_key = cmd_signing_key.or_else(|| { + final_metadata_config + .as_ref() + .and_then(|m| m.signing_key.clone()) + }); + + // Resolve uuid_path with priority: CLI > Cargo.toml metadata > default (../uuid.txt) + let uuid_path = cmd_uuid_path + .or_else(|| { + // Try to read uuid_path from package metadata + app_metadata + .as_ref() + .and_then(|meta| extract_uuid_path_from_metadata(meta).ok()) + }) + .unwrap_or_else(|| PathBuf::from("../uuid.txt")); + + Ok(BuildConfig { + arch, + debug, + std, + ta_dev_kit_dir, + optee_client_export, + signing_key, + uuid_path: Some(uuid_path), + env: final_metadata_config + .as_ref() + .map(|m| m.env.clone()) + .unwrap_or_default(), + }) + } + + /// Print the final configuration parameters being used + pub fn print_config(&self, component_type: &str, project_path: &Path) { + println!("Building {} with:", component_type.to_uppercase()); + println!(" Arch: {:?}", self.arch); + println!(" Debug: {}", self.debug); + + if component_type == "ta" { + println!(" Std: {}", self.std); + if let Some(ref ta_dev_kit_dir) = self.ta_dev_kit_dir { + let absolute_ta_dev_kit_dir = if ta_dev_kit_dir.is_absolute() { + ta_dev_kit_dir.clone() + } else { + project_path.join(ta_dev_kit_dir) + }; + println!(" TA dev kit dir: {:?}", absolute_ta_dev_kit_dir); + } + if let Some(ref signing_key) = self.signing_key { + let absolute_signing_key = if signing_key.is_absolute() { + signing_key.clone() + } else { + project_path.join(signing_key) + }; + println!(" Signing key: {:?}", absolute_signing_key); + } + if let Some(ref uuid_path) = self.uuid_path { + let absolute_uuid_path = project_path + .join(uuid_path) + .canonicalize() + .unwrap_or_else(|_| project_path.join(uuid_path)); + println!(" UUID path: {:?}", absolute_uuid_path); + } + } + + if component_type == "ca" || component_type == "plugin" { + if let Some(ref optee_client_export) = self.optee_client_export { + let absolute_optee_client_export = if optee_client_export.is_absolute() { + optee_client_export.clone() + } else { + project_path.join(optee_client_export) + }; + println!(" OP-TEE client export: {:?}", absolute_optee_client_export); + } + if component_type == "plugin" { + if let Some(ref uuid_path) = self.uuid_path { + let absolute_uuid_path = project_path + .join(uuid_path) + .canonicalize() + .unwrap_or_else(|_| project_path.join(uuid_path)); + println!(" UUID path: {:?}", absolute_uuid_path); + } + } + } + if !self.env.is_empty() { + println!(" Environment variables: {} set", self.env.len()); + } + } + + /// Get required ta_dev_kit_dir or return error + pub fn require_ta_dev_kit_dir(&self) -> Result { + self.ta_dev_kit_dir + .clone() + .ok_or_else(|| anyhow::anyhow!( + "ta-dev-kit-dir is MANDATORY but not configured.\n\ + Please set it via:\n\ + 1. Command line: --ta-dev-kit-dir \n\ + 2. Cargo.toml metadata: [package.metadata.optee.ta] section\n\ + \n\ + Example Cargo.toml:\n\ + [package.metadata.optee.ta]\n\ + ta-dev-kit-dir = {{ aarch64 = \"/path/to/optee_os/out/arm-plat-vexpress/export-ta_arm64\" }}\n\ + # arm architecture omitted (defaults to null)\n\ + \n\ + For help with available options, run: cargo-optee build ta --help" + )) + } + + /// Get required optee_client_export or return error + pub fn require_optee_client_export(&self) -> Result { + self.optee_client_export + .clone() + .ok_or_else(|| anyhow::anyhow!( + "optee-client-export is MANDATORY but not configured.\n\ + Please set it via:\n\ + 1. Command line: --optee-client-export \n\ + 2. Cargo.toml metadata: [package.metadata.optee.ca] or [package.metadata.optee.plugin] section\n\ + \n\ + Example Cargo.toml:\n\ + [package.metadata.optee.ca]\n\ + optee-client-export = {{ aarch64 = \"/path/to/optee_client/export_arm64\" }}\n\ + # arm architecture omitted (defaults to null)\n\ + \n\ + For help with available options, run: cargo-optee build ca --help" + )) + } + + /// Get uuid_path (defaults to "../uuid.txt" if not specified) + pub fn get_uuid_path(&self) -> PathBuf { + self.uuid_path + .clone() + .unwrap_or_else(|| PathBuf::from("../uuid.txt")) + } + + /// Get signing key with fallback to default + pub fn resolve_signing_key(&self, ta_dev_kit_dir: &Path) -> PathBuf { + self.signing_key + .clone() + .unwrap_or_else(|| ta_dev_kit_dir.join("keys").join("default_ta.pem")) + } +} + +/// Extract UUID path from package metadata +fn extract_uuid_path_from_metadata(metadata: &Value) -> Result { + // Try to get optee.ta.uuid-path from metadata + if let Some(optee_metadata) = metadata.get("optee") { + if let Some(ta_section) = optee_metadata.get("ta") { + if let Some(uuid_path_value) = ta_section.get("uuid-path") { + if let Some(uuid_path_str) = uuid_path_value.as_str() { + return Ok(PathBuf::from(uuid_path_str)); + } + } + } + // Also try plugin section for plugin builds + if let Some(plugin_section) = optee_metadata.get("plugin") { + if let Some(uuid_path_value) = plugin_section.get("uuid-path") { + if let Some(uuid_path_str) = uuid_path_value.as_str() { + return Ok(PathBuf::from(uuid_path_str)); + } + } + } + } + + // Default fallback + Err(anyhow::anyhow!("No uuid_path found in metadata")) +} + +/// Discover application metadata from the current project +fn discover_app_metadata(project_path: &Path) -> Result { + let cargo_toml_path = project_path.join("Cargo.toml"); + if !cargo_toml_path.exists() { + bail!( + "Cargo.toml not found in project directory: {:?}", + project_path + ); + } + + // Get metadata for the current project + let metadata = MetadataCommand::new() + .manifest_path(&cargo_toml_path) + .no_deps() + .exec()?; + + // Find the current project package + // First try to get root package (for non-workspace projects) + let current_package = if let Some(root_pkg) = metadata.root_package() { + root_pkg + } else { + // For workspace projects, find the package that corresponds to this manifest + let cargo_toml_path_str = cargo_toml_path.to_string_lossy(); + metadata + .packages + .iter() + .find(|pkg| { + pkg.manifest_path + .to_string() + .contains(&*cargo_toml_path_str) + }) + .ok_or_else(|| { + anyhow::anyhow!( + "Could not find package for manifest: {}", + cargo_toml_path_str + ) + })? + }; + + Ok(current_package.metadata.clone()) +} + +/// Extract build configuration from application package metadata +fn extract_build_config_from_metadata( + metadata: &Value, + component_type: &str, +) -> Result { + let optee_metadata = metadata + .get("optee") + .ok_or_else(|| anyhow::anyhow!("No optee metadata found in application package"))?; + + let component_metadata = optee_metadata + .get(component_type) + .ok_or_else(|| anyhow::anyhow!("No {} metadata found in optee section", component_type))?; + + // Parse arch with fallback to default + let arch = component_metadata + .get("arch") + .and_then(|v| v.as_str()) + .unwrap_or("aarch64") + .parse() + .unwrap_or(Arch::Aarch64); + + extract_build_config_with_arch(metadata, arch, component_type) +} + +/// Extract build configuration from application package metadata with specific architecture +fn extract_build_config_with_arch( + metadata: &Value, + arch: Arch, + component_type: &str, +) -> Result { + let optee_metadata = metadata + .get("optee") + .ok_or_else(|| anyhow::anyhow!("No optee metadata found in application package"))?; + + let component_metadata = optee_metadata + .get(component_type) + .ok_or_else(|| anyhow::anyhow!("No {} metadata found in optee section", component_type))?; + + // Parse debug with fallback to false + let debug = component_metadata + .get("debug") + .and_then(|v| v.as_bool()) + .unwrap_or(false); + + // Parse std with fallback to false + let std = component_metadata + .get("std") + .and_then(|v| v.as_bool()) + .unwrap_or(false); + + // Architecture-specific path resolution + let arch_key = match arch { + Arch::Aarch64 => "aarch64", + Arch::Arm => "arm", + }; + + // Parse architecture-specific ta_dev_kit_dir (for TA only) + let ta_dev_kit_dir = if component_type == "ta" { + component_metadata + .get("ta-dev-kit-dir") + .and_then(|v| { + // Try architecture-specific first + if let Some(arch_value) = v.get(arch_key) { + // Only accept string values, no null support + arch_value.as_str() + } else { + // Architecture key missing, try fallback to non-specific + if v.is_string() { + v.as_str() + } else { + None + } + } + }) + .filter(|s| !s.is_empty()) + .map(PathBuf::from) + } else { + None + }; + + // Parse architecture-specific optee_client_export (for CA and Plugin) + let optee_client_export = if component_type == "ca" || component_type == "plugin" { + component_metadata + .get("optee-client-export") + .and_then(|v| { + // Try architecture-specific first + if let Some(arch_value) = v.get(arch_key) { + // Only accept string values, no null support + arch_value.as_str() + } else { + // Architecture key missing, try fallback to non-specific + if v.is_string() { + v.as_str() + } else { + None + } + } + }) + .filter(|s| !s.is_empty()) + .map(PathBuf::from) + } else { + None + }; + + // Parse signing key (for TA only) + let signing_key = if component_type == "ta" { + component_metadata + .get("signing-key") + .and_then(|v| v.as_str()) + .filter(|s| !s.is_empty()) + .map(PathBuf::from) + } else { + None + }; + + // Parse environment variables + let env: Vec<(String, String)> = component_metadata + .get("env") + .and_then(|v| v.as_array()) + .map(|arr| { + arr.iter() + .filter_map(|v| v.as_str()) + .filter_map(|s| { + if let Some(eq_pos) = s.find('=') { + let (key, value) = s.split_at(eq_pos); + let value = &value[1..]; // Skip the '=' character + Some((key.to_string(), value.to_string())) + } else { + eprintln!("Warning: Invalid environment variable format in metadata: '{}'. Expected 'KEY=VALUE'", s); + None + } + }) + .collect() + }) + .unwrap_or_default(); + + Ok(BuildConfig { + arch, + debug, + std, + ta_dev_kit_dir, + optee_client_export, + signing_key, + uuid_path: None, // Not extracted from metadata, handled separately + env, + }) +} + +#[cfg(test)] +mod tests { + use super::*; + use serde_json::json; + + #[test] + fn test_extract_build_config_from_metadata() { + let metadata = json!({ + "optee": { + "ta": { + "arch": "arm", + "debug": true, + "std": true, + "ta-dev-kit-dir": { + "aarch64": "/opt/ta_dev_kit_arm64", + "arm": "/opt/ta_dev_kit_arm32" + }, + "signing-key": "/opt/signing.pem", + "env": [ + "RUSTFLAGS=-C target-feature=+crt-static", + "RUST_LOG=debug" + ] + } + } + }); + + let config = extract_build_config_from_metadata(&metadata, "ta").unwrap(); + assert!(matches!(config.arch, Arch::Arm)); + assert!(config.debug); + assert!(config.std); + assert_eq!( + config.ta_dev_kit_dir, + Some(PathBuf::from("/opt/ta_dev_kit_arm32")) + ); + assert_eq!(config.optee_client_export, None); // Not for TA + assert_eq!(config.signing_key, Some(PathBuf::from("/opt/signing.pem"))); + assert_eq!(config.env.len(), 2); + assert!(config.env.contains(&( + "RUSTFLAGS".to_string(), + "-C target-feature=+crt-static".to_string() + ))); + assert!(config + .env + .contains(&("RUST_LOG".to_string(), "debug".to_string()))); + } + + #[test] + fn test_extract_build_config_with_arch_override() { + let metadata = json!({ + "optee": { + "ca": { + "arch": "arm", + "debug": false, + "optee-client-export": { + "aarch64": "/opt/client_arm64", + "arm": "/opt/client_arm32" + }, + "env": [ + "BUILD_MODE=release" + ] + } + } + }); + + let config = extract_build_config_with_arch(&metadata, Arch::Aarch64, "ca").unwrap(); + assert!(matches!(config.arch, Arch::Aarch64)); + assert!(!config.debug); + assert!(!config.std); + assert_eq!(config.ta_dev_kit_dir, None); // Not for CA + assert_eq!( + config.optee_client_export, + Some(PathBuf::from("/opt/client_arm64")) + ); + assert_eq!(config.signing_key, None); // Not for CA + assert_eq!(config.env.len(), 1); + assert!(config + .env + .contains(&("BUILD_MODE".to_string(), "release".to_string()))); + } + + #[test] + fn test_extract_build_config_defaults() { + let metadata = json!({ + "optee": { + "plugin": {} + } + }); + + let config = extract_build_config_from_metadata(&metadata, "plugin").unwrap(); + assert!(matches!(config.arch, Arch::Aarch64)); + assert!(!config.debug); + assert!(!config.std); + assert_eq!(config.ta_dev_kit_dir, None); + assert_eq!(config.optee_client_export, None); // Not for Plugin + assert_eq!(config.signing_key, None); // Not for Plugin + assert!(config.env.is_empty()); + } + + #[test] + fn test_extract_build_config_with_env_variables() { + let metadata = json!({ + "optee": { + "ta": { + "env": [ + "CUSTOM_VAR=value1", + "ANOTHER_VAR=value2", + "RUSTFLAGS=-C target-cpu=native" + ] + } + } + }); + + let config = extract_build_config_from_metadata(&metadata, "ta").unwrap(); + assert_eq!(config.env.len(), 3); + assert!(config + .env + .contains(&("CUSTOM_VAR".to_string(), "value1".to_string()))); + assert!(config + .env + .contains(&("ANOTHER_VAR".to_string(), "value2".to_string()))); + assert!(config + .env + .contains(&("RUSTFLAGS".to_string(), "-C target-cpu=native".to_string()))); + } + + #[test] + fn test_extract_build_config_with_invalid_env_format() { + let metadata = json!({ + "optee": { + "ca": { + "env": [ + "VALID_VAR=value", + "INVALID_VAR_NO_EQUALS", + "ANOTHER_VALID=test" + ] + } + } + }); + + let config = extract_build_config_from_metadata(&metadata, "ca").unwrap(); + // Should only contain the valid environment variables + assert_eq!(config.env.len(), 2); + assert!(config + .env + .contains(&("VALID_VAR".to_string(), "value".to_string()))); + assert!(config + .env + .contains(&("ANOTHER_VALID".to_string(), "test".to_string()))); + // Invalid format should be filtered out + assert!(!config.env.iter().any(|(k, _)| k == "INVALID_VAR_NO_EQUALS")); + } + + #[test] + fn test_extract_build_config_with_missing_arch() { + let metadata = json!({ + "optee": { + "ta": { + "arch": "aarch64", + "ta-dev-kit-dir": { + "aarch64": "/opt/ta_dev_kit_arm64" + // arm key missing - should be treated as null + }, + "signing-key": "/opt/signing.pem" + } + } + }); + + // Test with aarch64 - should get the path + let config = extract_build_config_with_arch(&metadata, Arch::Aarch64, "ta").unwrap(); + assert_eq!( + config.ta_dev_kit_dir, + Some(PathBuf::from("/opt/ta_dev_kit_arm64")) + ); + + // Test with arm - should get None due to missing key (treated as null) + let config_arm = extract_build_config_with_arch(&metadata, Arch::Arm, "ta").unwrap(); + assert_eq!(config_arm.ta_dev_kit_dir, None); + } +} diff --git a/cargo-optee/src/main.rs b/cargo-optee/src/main.rs new file mode 100644 index 00000000..c3784388 --- /dev/null +++ b/cargo-optee/src/main.rs @@ -0,0 +1,521 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +use anyhow::bail; +use clap::{Args, Parser, Subcommand}; +use std::env; +use std::path::PathBuf; +use std::process; + +mod ca_builder; +mod common; +mod config; +mod ta_builder; + +use common::Arch; + +/// Parse environment variable in KEY=VALUE format +fn parse_env_var(s: &str) -> Result<(String, String), String> { + if let Some(eq_pos) = s.find('=') { + let (key, value) = s.split_at(eq_pos); + let value = &value[1..]; // Skip the '=' character + Ok((key.to_string(), value.to_string())) + } else { + Err(format!( + "Invalid environment variable format: '{}'. Expected 'KEY=VALUE'", + s + )) + } +} + +/// Resolve a potentially relative path to an absolute path based on the project directory +fn resolve_path_relative_to_project(path: &PathBuf, project_path: &std::path::Path) -> PathBuf { + if path.is_absolute() { + path.clone() + } else { + project_path.join(path) + } +} + +/// Execute TA build or install (shared logic) +fn execute_ta_command( + common: CommonBuildArgs, + std: bool, + ta_dev_kit_dir: Option, + signing_key: Option, + uuid_path: Option, + install_target_dir: Option<&PathBuf>, +) -> anyhow::Result<()> { + // Resolve project path from manifest or current directory + let project_path = if let Some(manifest) = common.manifest_path { + manifest + .parent() + .ok_or_else(|| anyhow::anyhow!("Invalid manifest path"))? + .to_path_buf() + } else { + std::env::current_dir()? + }; + + // Resolve build configuration with priority: CLI > metadata > error + let build_config = config::BuildConfig::resolve( + &project_path, + "ta", // Component type for TA + common.arch, + Some(common.debug), + Some(std), + ta_dev_kit_dir, + None, // optee_client_export not needed for TA + signing_key, + uuid_path.clone(), + )?; + + // Print the final configuration being used + build_config.print_config("ta", &project_path); + + // Get required ta_dev_kit_dir and resolve relative to project + let ta_dev_kit_dir_config = build_config.require_ta_dev_kit_dir()?; + let ta_dev_kit_dir = resolve_path_relative_to_project(&ta_dev_kit_dir_config, &project_path); + + // Validate that ta_dev_kit_dir exists (print absolute path) + if !ta_dev_kit_dir.exists() { + bail!( + "TA development kit directory does not exist: {:?}", + ta_dev_kit_dir + ); + } + + // Resolve signing key relative to project directory + let signing_key_config = build_config.resolve_signing_key(&ta_dev_kit_dir_config); + let signing_key_path = resolve_path_relative_to_project(&signing_key_config, &project_path); + + // Validate that signing key exists (print absolute path) + if !signing_key_path.exists() { + bail!("Signing key file does not exist: {:?}", signing_key_path); + } + + // Resolve UUID path: if provided via CLI, it's relative to current dir + // if from metadata, it's relative to project dir + let resolved_uuid_path = if uuid_path.is_some() { + // CLI provided - resolve relative to current directory + std::env::current_dir()?.join(build_config.get_uuid_path()) + } else { + // From metadata or default - resolve relative to project directory + project_path.join(build_config.get_uuid_path()) + }; + + // Merge env variables: CLI overrides + metadata env + let mut merged_env = build_config.env.clone(); + merged_env.extend(common.env); + + let ta_config = ta_builder::TaBuildConfig { + arch: build_config.arch, + std: build_config.std, + ta_dev_kit_dir, + signing_key: signing_key_path, + debug: build_config.debug, + path: project_path, + uuid_path: resolved_uuid_path, + env: merged_env, + no_default_features: common.no_default_features, + features: common.features, + }; + + ta_builder::build_ta(ta_config, install_target_dir.map(|p| p.as_path())) +} + +/// Execute CA build or install (shared logic) +fn execute_ca_command( + common: CommonBuildArgs, + optee_client_export: Option, + uuid_path: Option, + plugin: bool, + install_target_dir: Option<&PathBuf>, +) -> anyhow::Result<()> { + // Resolve project path from manifest or current directory + let project_path = if let Some(manifest) = common.manifest_path { + manifest + .parent() + .ok_or_else(|| anyhow::anyhow!("Invalid manifest path"))? + .to_path_buf() + } else { + std::env::current_dir()? + }; + + let component_type = if plugin { "plugin" } else { "ca" }; + + // Resolve build configuration + let build_config = config::BuildConfig::resolve( + &project_path, + component_type, + common.arch, + Some(common.debug), + None, // std not applicable for CA/Plugin + None, // ta_dev_kit_dir not needed for CA/Plugin + optee_client_export, + None, // signing_key not needed for CA/Plugin + uuid_path, + )?; + + // Print the final configuration being used + build_config.print_config(component_type, &project_path); + + // Get required optee_client_export and resolve relative to project + let optee_client_export_config = build_config.require_optee_client_export()?; + let optee_client_export = + resolve_path_relative_to_project(&optee_client_export_config, &project_path); + + // Validate that optee_client_export exists (print absolute path) + if !optee_client_export.exists() { + bail!( + "OP-TEE client export directory does not exist: {:?}", + optee_client_export + ); + } + + // Merge env variables: CLI overrides + metadata env + let mut merged_env = build_config.env.clone(); + merged_env.extend(common.env); + + let ca_config = ca_builder::CaBuildConfig { + arch: build_config.arch, + optee_client_export, + debug: build_config.debug, + path: project_path, + plugin, + uuid_path: if plugin { + build_config.uuid_path.clone() + } else { + None + }, + env: merged_env, + no_default_features: common.no_default_features, + features: common.features, + }; + + ca_builder::build_ca(ca_config, install_target_dir.map(|p| p.as_path())) +} + +/// Common build command arguments shared across TA, CA, and Plugin builds +#[derive(Debug, Args)] +struct CommonBuildArgs { + /// Path to the Cargo.toml manifest file + #[arg(long = "manifest-path")] + manifest_path: Option, + + /// Target architecture (default: aarch64) + #[arg(long = "arch")] + arch: Option, + + /// Enable debug build (default: false) + #[arg(long = "debug")] + debug: bool, + + /// Environment overrides in the form of `"KEY=VALUE"` strings. This flag can be repeated. + /// + /// This is generally not needed to be used explicitly during regular development. + /// + /// This makes sense to be used to specify custom var e.g. `RUSTFLAGS`. + #[arg(long = "env", value_parser = parse_env_var, action = clap::ArgAction::Append)] + env: Vec<(String, String)>, + + /// Disable default features (will append --no-default-features to cargo build) + #[arg(long = "no-default-features")] + no_default_features: bool, + + /// Custom features to enable (will append --features to cargo build) + #[arg(long = "features")] + features: Option, +} + +#[derive(Debug, Parser)] +#[clap(version = env!("CARGO_PKG_VERSION"))] +#[clap(about = "Build tool for OP-TEE Rust projects")] +pub(crate) struct Cli { + #[clap(subcommand)] + cmd: Command, +} + +#[derive(Debug, Subcommand)] +enum BuildCommand { + /// Build a Trusted Application (TA) + #[command(about = "Build a Trusted Application (TA)")] + TA { + #[command(flatten)] + build_cmd: TABuildArgs, + }, + /// Build a Client Application (Host) + #[command(about = "Build a Client Application (Host)")] + CA { + #[command(flatten)] + build_cmd: CABuildArgs, + }, + /// Build a Plugin (Shared Library) + #[command(about = "Build a Plugin (Shared Library)")] + Plugin { + #[command(flatten)] + build_cmd: PluginBuildArgs, + }, +} + +#[derive(Debug, Subcommand)] +enum Command { + /// Build OP-TEE components + #[clap(name = "build")] + #[command(subcommand)] + Build(BuildCommand), + /// Install OP-TEE components + #[clap(name = "install")] + #[command(subcommand)] + Install(InstallCommand), + /// Clean OP-TEE components + #[clap(name = "clean")] + Clean { + #[command(flatten)] + clean_cmd: CleanCommand, + }, +} + +#[derive(Debug, Subcommand)] +enum InstallCommand { + /// Install a Trusted Application (TA) + #[command(about = "Install a Trusted Application (TA) to target directory")] + TA { + /// Target directory to install the TA binary (default: "shared") + #[arg(long = "target-dir", default_value = "shared")] + target_dir: PathBuf, + + #[command(flatten)] + build_cmd: TABuildArgs, + }, + /// Install a Client Application (Host) + #[command(about = "Install a Client Application (Host) to target directory")] + CA { + /// Target directory to install the CA binary (default: "shared") + #[arg(long = "target-dir", default_value = "shared")] + target_dir: PathBuf, + + #[command(flatten)] + build_cmd: CABuildArgs, + }, + /// Install a Plugin (Shared Library) + #[command(about = "Install a Plugin (Shared Library) to target directory")] + Plugin { + /// Target directory to install the plugin binary (default: "shared") + #[arg(long = "target-dir", default_value = "shared")] + target_dir: PathBuf, + + #[command(flatten)] + build_cmd: PluginBuildArgs, + }, +} + +/// TA-specific build arguments +#[derive(Debug, Args)] +struct TABuildArgs { + #[command(flatten)] + common: CommonBuildArgs, + + /// Enable std feature for the TA (default: false) + #[arg(long = "std")] + std: bool, + + /// OP-TEE TA development kit export directory + #[arg(long = "ta-dev-kit-dir")] + ta_dev_kit_dir: Option, + + /// TA signing key path (default: TA_DEV_KIT_DIR/keys/default_ta.pem) + #[arg(long = "signing-key")] + signing_key: Option, + + /// UUID file path (default: "../uuid.txt") + #[arg(long = "uuid-path")] + uuid_path: Option, +} + +/// CA-specific build arguments +#[derive(Debug, Args)] +struct CABuildArgs { + #[command(flatten)] + common: CommonBuildArgs, + + /// OP-TEE client export directory + #[arg(long = "optee-client-export")] + optee_client_export: Option, +} + +/// Plugin-specific build arguments +#[derive(Debug, Args)] +struct PluginBuildArgs { + #[command(flatten)] + common: CommonBuildArgs, + + /// OP-TEE client export directory + #[arg(long = "optee-client-export")] + optee_client_export: Option, + + /// UUID file path (default: "../uuid.txt") + #[arg(long = "uuid-path")] + uuid_path: Option, +} + +/// Clean command arguments +#[derive(Debug, Args)] +struct CleanCommand { + /// Path to the Cargo.toml manifest file + #[arg(long = "manifest-path")] + manifest_path: Option, +} + +/// Source cargo environment from a given path +fn source_cargo_env(env_path: &str) -> bool { + if std::path::Path::new(env_path).exists() { + std::process::Command::new("bash") + .arg("-c") + .arg(format!("source {}", env_path)) + .status() + .map(|status| status.success()) + .unwrap_or(false) + } else { + false + } +} + +/// Setup cargo environment by checking availability and sourcing environment if needed +fn setup_cargo_environment() -> anyhow::Result<()> { + // Check if cargo is available + let cargo_available = std::process::Command::new("which") + .arg("cargo") + .output() + .map(|output| output.status.success()) + .unwrap_or(false); + + if cargo_available { + return Ok(()); + } + + // Try to source .cargo/env from ~/.cargo/env or $CARGO_HOME/env + let mut sourced = false; + if let Ok(home) = env::var("HOME") { + sourced = source_cargo_env(&format!("{}/.cargo/env", home)); + } + if !sourced { + if let Ok(cargo_home) = env::var("CARGO_HOME") { + sourced = source_cargo_env(&format!("{}/env", cargo_home)); + } + } + + if !sourced { + anyhow::bail!("cargo command not found. Please install Rust: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh"); + } + + Ok(()) +} + +fn main() { + env_logger::Builder::from_env(env_logger::Env::default().default_filter_or("info")) + .format_timestamp_millis() + .init(); + + // Setup cargo environment + if let Err(e) = setup_cargo_environment() { + eprintln!("Error: {}", e); + process::exit(1); + } + + let cli = Cli::parse(); + let result = execute_command(cli.cmd); + + if let Err(e) = result { + eprintln!("Error: {}", e); + process::exit(1); + } +} + +fn execute_command(cmd: Command) -> anyhow::Result<()> { + match cmd { + Command::Build(build_cmd) => match build_cmd { + BuildCommand::TA { build_cmd } => execute_ta_command( + build_cmd.common, + build_cmd.std, + build_cmd.ta_dev_kit_dir, + build_cmd.signing_key, + build_cmd.uuid_path, + None, + ), + BuildCommand::CA { build_cmd } => execute_ca_command( + build_cmd.common, + build_cmd.optee_client_export, + None, + false, + None, + ), + BuildCommand::Plugin { build_cmd } => execute_ca_command( + build_cmd.common, + build_cmd.optee_client_export, + build_cmd.uuid_path, + true, + None, + ), + }, + Command::Install(install_cmd) => match install_cmd { + InstallCommand::TA { + target_dir, + build_cmd, + } => execute_ta_command( + build_cmd.common, + build_cmd.std, + build_cmd.ta_dev_kit_dir, + build_cmd.signing_key, + build_cmd.uuid_path, + Some(&target_dir), + ), + InstallCommand::CA { + target_dir, + build_cmd, + } => execute_ca_command( + build_cmd.common, + build_cmd.optee_client_export, + None, + false, + Some(&target_dir), + ), + InstallCommand::Plugin { + target_dir, + build_cmd, + } => execute_ca_command( + build_cmd.common, + build_cmd.optee_client_export, + build_cmd.uuid_path, + true, + Some(&target_dir), + ), + }, + Command::Clean { clean_cmd } => { + let project_path = if let Some(manifest) = clean_cmd.manifest_path { + manifest + .parent() + .ok_or_else(|| anyhow::anyhow!("Invalid manifest path"))? + .to_path_buf() + } else { + std::env::current_dir()? + }; + + // Clean build artifacts using the common function + crate::common::clean_project(&project_path) + } + } +} diff --git a/cargo-optee/src/ta_builder.rs b/cargo-optee/src/ta_builder.rs new file mode 100644 index 00000000..f2c78cfe --- /dev/null +++ b/cargo-optee/src/ta_builder.rs @@ -0,0 +1,505 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +use anyhow::{bail, Result}; +use std::env; +use std::fs; +use std::path::Path; +use std::path::PathBuf; +use std::process::Command; +use tempfile::TempDir; +use toml::Value; + +use crate::common::{print_cargo_command, print_output_and_bail, read_uuid_from_file, Arch}; + +// Embed the target JSON files at compile time +const AARCH64_TARGET_JSON: &str = include_str!("../aarch64-unknown-optee.json"); +const ARM_TARGET_JSON: &str = include_str!("../arm-unknown-optee.json"); + +// Target configurations for different architectures and std modes +const TARGET_CONFIGS: [(Arch, bool, &str, &str); 4] = [ + // (Architecture, has_std, target, cross_compile_prefix) + ( + Arch::Arm, + false, + "arm-unknown-linux-gnueabihf", + "arm-linux-gnueabihf-", + ), + (Arch::Arm, true, "arm-unknown-optee", "arm-linux-gnueabihf-"), + ( + Arch::Aarch64, + false, + "aarch64-unknown-linux-gnu", + "aarch64-linux-gnu-", + ), + ( + Arch::Aarch64, + true, + "aarch64-unknown-optee", + "aarch64-linux-gnu-", + ), +]; + +/// Check if the required cross-compile toolchain is available +fn check_toolchain_exists(cross_compile_prefix: &str) -> Result<()> { + let gcc_command = format!("{}gcc", cross_compile_prefix); + let objcopy_command = format!("{}objcopy", cross_compile_prefix); + + // Check if gcc exists + let gcc_check = Command::new("which").arg(&gcc_command).output(); + + // Check if objcopy exists + let objcopy_check = Command::new("which").arg(&objcopy_command).output(); + + let gcc_exists = gcc_check.map_or(false, |output| output.status.success()); + let objcopy_exists = objcopy_check.map_or(false, |output| output.status.success()); + + if !gcc_exists || !objcopy_exists { + let missing_tools: Vec<&str> = [ + if !gcc_exists { + Some(gcc_command.as_str()) + } else { + None + }, + if !objcopy_exists { + Some(objcopy_command.as_str()) + } else { + None + }, + ] + .iter() + .filter_map(|&x| x) + .collect(); + + eprintln!("Error: Required cross-compile toolchain not found!"); + eprintln!("Missing tools: {}", missing_tools.join(", ")); + eprintln!(); + eprintln!("Please install the required toolchain:"); + eprintln!(); + eprintln!("# For aarch64 host (ARM64 machine):"); + eprintln!("apt update && apt -y install gcc gcc-arm-linux-gnueabihf"); + eprintln!(); + eprintln!("# For x86_64 host (Intel/AMD machine):"); + eprintln!("apt update && apt -y install gcc-aarch64-linux-gnu gcc-arm-linux-gnueabihf"); + eprintln!(); + eprintln!("Or manually install the cross-compilation tools for your target architecture."); + + bail!("Cross-compile toolchain not available"); + } + + Ok(()) +} + +#[derive(Clone)] +pub struct TaBuildConfig { + pub arch: Arch, // Architecture + pub std: bool, // Enable std feature + pub ta_dev_kit_dir: PathBuf, // Path to TA dev kit + pub signing_key: PathBuf, // Path to signing key + pub debug: bool, // Debug mode (default false = release) + pub path: PathBuf, // Path to TA directory + pub uuid_path: PathBuf, // Path to UUID file + // Customized variables + pub env: Vec<(String, String)>, // Custom environment variables for cargo build + pub no_default_features: bool, // Disable default features + pub features: Option, // Additional features to enable +} + +// Helper function to derive target and cross-compile from arch and std +fn get_target_and_cross_compile(arch: Arch, std: bool) -> Result<(String, String)> { + for &(config_arch, config_std, target, cross_compile_prefix) in &TARGET_CONFIGS { + if config_arch == arch && config_std == std { + return Ok((target.to_string(), cross_compile_prefix.to_string())); + } + } + + bail!( + "No target configuration found for arch: {:?}, std: {}", + arch, + std + ); +} + +// Helper function to setup custom target JSONs for std builds +// Returns TempDir to keep it alive during the build +fn setup_custom_targets() -> Result { + let temp_dir = TempDir::new()?; + + // Write the embedded target JSON files + let aarch64_path = temp_dir.path().join("aarch64-unknown-optee.json"); + let arm_path = temp_dir.path().join("arm-unknown-optee.json"); + + fs::write(aarch64_path, AARCH64_TARGET_JSON)?; + fs::write(arm_path, ARM_TARGET_JSON)?; + + Ok(temp_dir) +} + +// Helper function to setup base command with common environment variables +fn setup_build_command( + config: &TaBuildConfig, + command: &str, +) -> Result<(Command, Option)> { + // Determine target and cross-compile based on arch + let (target, _cross_compile) = get_target_and_cross_compile(config.arch, config.std)?; + + // Determine builder (cargo or xargo) + let builder = if config.std { "xargo" } else { "cargo" }; + + // Setup custom targets if using std - keep TempDir alive + let temp_dir = if config.std { + Some(setup_custom_targets()?) + } else { + None + }; + + let mut cmd = Command::new(builder); + cmd.arg(command); + cmd.arg("--target").arg(&target); + + // Add --no-default-features if specified + if config.no_default_features { + cmd.arg("--no-default-features"); + } + + // Build features list + let mut features = Vec::new(); + if config.std { + features.push("std".to_string()); + } + if let Some(ref custom_features) = config.features { + // Split custom features by comma and add them + for feature in custom_features.split(',') { + let feature = feature.trim(); + if !feature.is_empty() { + features.push(feature.to_string()); + } + } + } + + // Add features if any are specified + if !features.is_empty() { + cmd.arg("--features").arg(features.join(",")); + } + + // Add no-std specific flags to avoid the linking error of _Unwind_Resume + if !config.std { + cmd.arg("-Z").arg("build-std=core,alloc"); + cmd.arg("-Z") + .arg("build-std-features=panic_immediate_abort"); + } + + // Set RUSTFLAGS - preserve existing ones and add panic=abort + let mut rustflags = env::var("RUSTFLAGS").unwrap_or_default(); + if !rustflags.is_empty() { + rustflags.push(' '); + } + rustflags.push_str("-C panic=abort"); + cmd.env("RUSTFLAGS", &rustflags); + + // Apply custom environment variables + for (key, value) in &config.env { + cmd.env(key, value); + } + + // Set TA_DEV_KIT_DIR environment variable (use absolute path) + let absolute_ta_dev_kit_dir = config + .ta_dev_kit_dir + .canonicalize() + .unwrap_or_else(|_| config.ta_dev_kit_dir.clone()); + cmd.env("TA_DEV_KIT_DIR", &absolute_ta_dev_kit_dir); + + // Set RUST_TARGET_PATH for custom targets when using std + if let Some(ref temp_dir_ref) = temp_dir { + cmd.env("RUST_TARGET_PATH", temp_dir_ref.path()); + } + + Ok((cmd, temp_dir)) +} + +// Main function to build the TA, optionally installing to a target directory +pub fn build_ta(config: TaBuildConfig, install_dir: Option<&Path>) -> Result<()> { + // Check if required cross-compile toolchain is available + let (_, cross_compile_prefix) = get_target_and_cross_compile(config.arch, config.std)?; + check_toolchain_exists(&cross_compile_prefix)?; + + // Verify we're in a valid Rust project directory + let manifest_path = config.path.join("Cargo.toml"); + if !manifest_path.exists() { + bail!( + "No Cargo.toml found in TA project directory: {:?}\n\ + Please run cargo-optee from a TA project directory or specify --manifest-path", + config.path + ); + } + // Get the absolute path for better clarity + let absolute_path = std::fs::canonicalize(&config.path).unwrap_or_else(|_| config.path.clone()); + println!("Building TA in directory: {}", absolute_path.display()); + + // Step 1: Run clippy for code quality checks + run_clippy(&config, &manifest_path)?; + + // Step 2: Build the TA + build_binary(&config, &manifest_path)?; + + // Step 3: Strip the binary + let (stripped_path, target_dir) = strip_binary(&config, &manifest_path)?; + + // Step 4: Sign the TA + sign_ta(&config, &stripped_path, &target_dir)?; + + // Step 5: Install if requested + if let Some(install_dir) = install_dir { + // Check if install directory exists + if !install_dir.exists() { + bail!("Install directory does not exist: {:?}", install_dir); + } + + let uuid = read_uuid_from_file(&config.uuid_path)?; + let ta_file = target_dir.join(format!("{}.ta", uuid)); + + if !ta_file.exists() { + bail!("Signed TA file not found at {:?}", ta_file); + } + + let dest_path = install_dir.join(format!("{}.ta", uuid)); + fs::copy(&ta_file, &dest_path)?; + + println!( + "TA installed to: {:?}", + dest_path.canonicalize().unwrap_or(dest_path) + ); + } + + println!("TA build successfully!"); + + Ok(()) +} + +fn run_clippy(config: &TaBuildConfig, manifest_path: &Path) -> Result<()> { + println!("Running cargo fmt and clippy..."); + + // Get the project directory from manifest path + let project_dir = manifest_path + .parent() + .ok_or_else(|| anyhow::anyhow!("Invalid manifest path: {:?}", manifest_path))?; + + // Change to project directory to respect rust-toolchain.toml + let original_dir = std::env::current_dir()?; + std::env::set_current_dir(project_dir)?; + + // Run cargo fmt (without --manifest-path since we're in the project dir) + let mut fmt_cmd = Command::new("cargo"); + fmt_cmd.arg("fmt"); + let fmt_output = fmt_cmd.output(); + + // Restore original directory before checking results + std::env::set_current_dir(&original_dir)?; + + let fmt_output = fmt_output?; + if !fmt_output.status.success() { + print_output_and_bail("cargo fmt", &fmt_output)?; + } + + // Change back to project directory for clippy + std::env::set_current_dir(project_dir)?; + + // Setup clippy command with common environment (without --manifest-path) + let (mut clippy_cmd, _temp_dir) = setup_build_command(config, "clippy")?; + + clippy_cmd.arg("--"); + clippy_cmd.arg("-D").arg("warnings"); + clippy_cmd.arg("-D").arg("clippy::unwrap_used"); + clippy_cmd.arg("-D").arg("clippy::expect_used"); + clippy_cmd.arg("-D").arg("clippy::panic"); + + let clippy_output = clippy_cmd.output(); + + // Restore original directory before checking results + std::env::set_current_dir(&original_dir)?; + + let clippy_output = clippy_output?; + if !clippy_output.status.success() { + print_output_and_bail("clippy", &clippy_output)?; + } + + Ok(()) +} + +fn build_binary(config: &TaBuildConfig, manifest_path: &Path) -> Result<()> { + // Get the project directory from manifest path + let project_dir = manifest_path + .parent() + .ok_or_else(|| anyhow::anyhow!("Invalid manifest path: {:?}", manifest_path))?; + + // Change to project directory to respect rust-toolchain.toml + let original_dir = std::env::current_dir()?; + std::env::set_current_dir(project_dir)?; + + // Determine target and cross-compile based on arch + let (target, cross_compile) = get_target_and_cross_compile(config.arch, config.std)?; + + // Setup build command with common environment (without --manifest-path) + let (mut build_cmd, _temp_dir) = setup_build_command(config, "build")?; + + if !config.debug { + build_cmd.arg("--release"); + } + + // Configure linker + let linker = format!("{}gcc", cross_compile); + let linker_cfg = format!("target.{}.linker=\"{}\"", target, linker); + build_cmd.arg("--config").arg(&linker_cfg); + + // Print the full cargo build command for debugging + print_cargo_command(&build_cmd, "Building TA binary"); + + let build_output = build_cmd.output(); + + // Restore original directory before checking results + std::env::set_current_dir(original_dir)?; + + let build_output = build_output?; + if !build_output.status.success() { + print_output_and_bail("build", &build_output)?; + } + + Ok(()) +} + +fn get_package_name(manifest_path: &Path) -> Result { + if !manifest_path.exists() { + bail!("Cargo.toml not found at: {:?}", manifest_path); + } + + let cargo_toml_content = fs::read_to_string(manifest_path)?; + let cargo_toml: Value = toml::from_str(&cargo_toml_content)?; + + let package_name = cargo_toml + .get("package") + .and_then(|p| p.get("name")) + .and_then(|n| n.as_str()) + .ok_or_else(|| anyhow::anyhow!("Could not find package name in Cargo.toml"))?; + + Ok(package_name.to_string()) +} + +fn strip_binary(config: &TaBuildConfig, manifest_path: &Path) -> Result<(PathBuf, PathBuf)> { + println!("Stripping binary..."); + + // Determine target based on arch + let (target, cross_compile) = get_target_and_cross_compile(config.arch, config.std)?; + + let profile = if config.debug { "debug" } else { "release" }; + + // Get the actual package name from Cargo.toml + let package_name = get_package_name(manifest_path)?; + + // Use cargo metadata to get the target directory that cargo is actually using + let output = Command::new("cargo") + .arg("metadata") + .arg("--manifest-path") + .arg(manifest_path) + .arg("--format-version") + .arg("1") + .arg("--no-deps") + .output()?; + + if !output.status.success() { + bail!("Failed to get cargo metadata"); + } + + let metadata: serde_json::Value = serde_json::from_slice(&output.stdout)?; + let target_directory = metadata + .get("target_directory") + .and_then(|v| v.as_str()) + .ok_or_else(|| anyhow::anyhow!("Could not get target directory from cargo metadata"))?; + + let target_dir = PathBuf::from(target_directory); + let profile_dir = target_dir.join(target).join(profile); + let binary_path = profile_dir.join(&package_name); + + if !binary_path.exists() { + bail!("Binary not found at {:?}", binary_path); + } + + let stripped_path = profile_dir.join(format!("stripped_{}", package_name)); + + if !binary_path.exists() { + bail!("Binary not found at {:?}", binary_path); + } + + let objcopy = format!("{}objcopy", cross_compile); + + let strip_output = Command::new(&objcopy) + .arg("--strip-unneeded") + .arg(&binary_path) + .arg(&stripped_path) + .output()?; + + if !strip_output.status.success() { + print_output_and_bail(&objcopy, &strip_output)?; + } + + Ok((stripped_path, profile_dir)) +} + +fn sign_ta(config: &TaBuildConfig, stripped_path: &Path, target_dir: &Path) -> Result<()> { + println!("Signing TA with signing key {:?}...", config.signing_key); + + // Read UUID from specified file + let uuid = read_uuid_from_file(&config.uuid_path)?; + + // Validate signing key exists + if !config.signing_key.exists() { + bail!("Signing key not found at {:?}", config.signing_key); + } + + // Sign script path + let sign_script = config + .ta_dev_kit_dir + .join("scripts") + .join("sign_encrypt.py"); + if !sign_script.exists() { + bail!("Sign script not found at {:?}", sign_script); + } + + // Output path - use the actual target_dir + let output_path = target_dir.join(format!("{}.ta", uuid)); + + let sign_output = Command::new("python3") + .arg(&sign_script) + .arg("--uuid") + .arg(&uuid) + .arg("--key") + .arg(&config.signing_key) + .arg("--in") + .arg(stripped_path) + .arg("--out") + .arg(&output_path) + .output()?; + + if !sign_output.status.success() { + print_output_and_bail("sign_encrypt.py", &sign_output)?; + } + + println!("SIGN => {}", uuid); + let absolute_output_path = output_path.canonicalize().unwrap_or(output_path); + println!("TA signed and saved to: {:?}", absolute_output_path); + + Ok(()) +} diff --git a/ci/build.sh b/ci/build.sh new file mode 100755 index 00000000..58103649 --- /dev/null +++ b/ci/build.sh @@ -0,0 +1,435 @@ +#!/bin/bash + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +set -e + +# Show usage +show_usage() { + cat << EOF +Usage: TA_DEV_KIT_DIR= OPTEE_CLIENT_EXPORT= $0 [OPTIONS] + +Required environment variables: + TA_DEV_KIT_DIR Path to OP-TEE OS TA dev kit directory + OPTEE_CLIENT_EXPORT Path to OP-TEE client export directory + +Options: + --ta TA architecture: aarch64 or arm (default: aarch64) + --host Host architecture for CA and plugins: aarch64 or arm (default: aarch64) + --std Install with std support (default: no-std) + --ta-install-dir TA installation directory (default: ./tests/shared) + --ca-install-dir CA installation directory (default: ./tests/shared) + --plugin-install-dir Plugin installation directory (default: ./tests/shared) + --help Show this help message + +Examples: + # Install for aarch64 in no-std mode + TA_DEV_KIT_DIR=/path/to/export-ta_arm64 OPTEE_CLIENT_EXPORT=/path/to/export ./build.sh + + # Install for ARM32 in std mode with custom directories + TA_DEV_KIT_DIR=/path/to/export-ta_arm32 OPTEE_CLIENT_EXPORT=/path/to/export ./build.sh --ta arm --host arm --std --ta-install-dir /target/lib/optee_armtz --ca-install-dir /target/usr/bin + +Note: Binaries are installed to './tests/shared' directory by default. +EOF +} + +# Parse command line arguments +ARCH_TA="aarch64" # Default: aarch64 +ARCH_HOST="aarch64" # Default: aarch64 +STD="" # Default: empty (no-std) +TA_INSTALL_DIR="" # Default: will be set to ./tests/shared if not specified +CA_INSTALL_DIR="" # Default: will be set to ./tests/shared if not specified +PLUGIN_INSTALL_DIR="" # Default: will be set to ./tests/shared if not specified + +# Parse arguments (support both positional and flag-style) +while [[ $# -gt 0 ]]; do + case "$1" in + --help|-h) + show_usage + exit 0 + ;; + --ta) + ARCH_TA="$2" + shift 2 + ;; + --host) + ARCH_HOST="$2" + shift 2 + ;; + --std) + STD="std" + shift + ;; + --ta-install-dir) + TA_INSTALL_DIR="$2" + shift 2 + ;; + --ca-install-dir) + CA_INSTALL_DIR="$2" + shift 2 + ;; + --plugin-install-dir) + PLUGIN_INSTALL_DIR="$2" + shift 2 + ;; + *) + # Positional arguments (backward compatibility) + if [[ -z "${ARCH_TA_SET:-}" ]]; then + ARCH_TA="$1" + ARCH_TA_SET=1 + elif [[ -z "${ARCH_HOST_SET:-}" ]]; then + ARCH_HOST="$1" + ARCH_HOST_SET=1 + elif [[ "$1" == "std" ]]; then + STD="std" + fi + shift + ;; + esac +done + +# Validate architecture +if [[ "$ARCH_TA" != "aarch64" && "$ARCH_TA" != "arm" ]]; then + echo "Error: ARCH_TA must be 'aarch64' or 'arm'" + exit 1 +fi + +if [[ "$ARCH_HOST" != "aarch64" && "$ARCH_HOST" != "arm" ]]; then + echo "Error: ARCH_HOST must be 'aarch64' or 'arm'" + exit 1 +fi + +# Check required environment variables +if [ -z "$TA_DEV_KIT_DIR" ]; then + echo "Error: TA_DEV_KIT_DIR environment variable is not set" + exit 1 +fi + +if [ -z "$OPTEE_CLIENT_EXPORT" ]; then + echo "Error: OPTEE_CLIENT_EXPORT environment variable is not set" + exit 1 +fi + +echo "===========================================" +echo "Installing with configuration:" +echo " ARCH_TA: $ARCH_TA" +echo " ARCH_HOST: $ARCH_HOST" +echo " STD: ${STD:-no-std}" +echo " TA_DEV_KIT_DIR: $TA_DEV_KIT_DIR" +echo " OPTEE_CLIENT_EXPORT: $OPTEE_CLIENT_EXPORT" +echo "===========================================" + +# Step 1: Build cargo-optee tool +echo "" +echo "Step 1: Building cargo-optee tool..." +cd cargo-optee +cargo build --release +CARGO_OPTEE="$(pwd)/target/release/cargo-optee" +cd .. + +if [ ! -f "$CARGO_OPTEE" ]; then + echo "Error: Failed to build cargo-optee" + exit 1 +fi + +echo "cargo-optee built successfully: $CARGO_OPTEE" + +# Prepare std flag for cargo-optee +STD_FLAG="" +if [ -n "$STD" ]; then + STD_FLAG="--std" +fi + +# Step 2: Install all examples to shared directory +echo "" +echo "Step 2: Installing all examples..." + +# Set up installation directories +# Each directory defaults to ./tests/shared if not specified +if [ -z "$TA_INSTALL_DIR" ]; then + TA_INSTALL_DIR="$(pwd)/tests/shared" +fi + +if [ -z "$CA_INSTALL_DIR" ]; then + CA_INSTALL_DIR="$(pwd)/tests/shared" +fi + +if [ -z "$PLUGIN_INSTALL_DIR" ]; then + PLUGIN_INSTALL_DIR="$(pwd)/tests/shared" +fi + +# Create all directories +mkdir -p "$TA_INSTALL_DIR" +mkdir -p "$CA_INSTALL_DIR" +mkdir -p "$PLUGIN_INSTALL_DIR" + +echo "Installing binaries to:" +echo " TAs: $TA_INSTALL_DIR" +echo " CAs: $CA_INSTALL_DIR" +echo " Plugins: $PLUGIN_INSTALL_DIR" + +EXAMPLES_DIR="$(pwd)/examples" +METADATA_JSON="$EXAMPLES_DIR/metadata.json" + +if [ ! -f "$METADATA_JSON" ]; then + echo "Error: $METADATA_JSON not found" + exit 1 +fi + +# Check if jq is available for JSON parsing +if ! command -v jq &> /dev/null; then + echo "Error: jq is required to parse metadata.json" + echo "Please install jq: apt-get install jq" + exit 1 +fi + +echo "Loading example metadata from $METADATA_JSON..." + +# Get all example names +ALL_EXAMPLES=($(jq -r '.examples | keys[]' "$METADATA_JSON")) + +if [ -n "$STD" ]; then + echo "Building in STD mode (std-only + common examples)" +else + echo "Building in NO-STD mode (no-std-only + common examples)" +fi + +CURRENT=0 +FAILED_EXAMPLES="" + +# Build examples +for EXAMPLE_NAME in "${ALL_EXAMPLES[@]}"; do + CATEGORY=$(jq -r ".examples[\"$EXAMPLE_NAME\"].category" "$METADATA_JSON") + + # Determine if we should build this example + SHOULD_BUILD=false + if [ -n "$STD" ]; then + # STD mode: build std-only and common + if [[ "$CATEGORY" == "std-only" || "$CATEGORY" == "common" ]]; then + SHOULD_BUILD=true + fi + else + # NO-STD mode: build no-std-only and common + if [[ "$CATEGORY" == "no-std-only" || "$CATEGORY" == "common" ]]; then + SHOULD_BUILD=true + fi + fi + + if [ "$SHOULD_BUILD" = false ]; then + continue + fi + + CURRENT=$((CURRENT + 1)) + EXAMPLE_DIR="$EXAMPLES_DIR/$EXAMPLE_NAME" + + if [ ! -d "$EXAMPLE_DIR" ]; then + echo "ERROR: Example directory not found: $EXAMPLE_DIR" + FAILED_EXAMPLES="$FAILED_EXAMPLES\n - $EXAMPLE_NAME" + continue + fi + + echo "" + echo "==========================================" + echo "[$CURRENT] Building: $EXAMPLE_NAME ($CATEGORY)" + echo "==========================================" + + # Get TA, CA, and Plugin directories from metadata + TAS_JSON=$(jq -c ".examples[\"$EXAMPLE_NAME\"].tas" "$METADATA_JSON") + CAS_JSON=$(jq -c ".examples[\"$EXAMPLE_NAME\"].cas" "$METADATA_JSON") + PLUGINS_JSON=$(jq -c ".examples[\"$EXAMPLE_NAME\"].plugins // []" "$METADATA_JSON") + + # Build all TAs for this example + TA_COUNT=$(echo "$TAS_JSON" | jq 'length') + CA_COUNT=$(echo "$CAS_JSON" | jq 'length') + PLUGIN_COUNT=$(echo "$PLUGINS_JSON" | jq 'length') + + echo "→ Found $TA_COUNT TA(s), $CA_COUNT CA(s), and $PLUGIN_COUNT Plugin(s)" + + if [ "$TA_COUNT" -gt 0 ]; then + for ((i=0; i<$TA_COUNT; i++)); do + TA_DIR=$(echo "$TAS_JSON" | jq -r ".[$i]") + TA_DIR_FULL_PATH="$EXAMPLES_DIR/$TA_DIR" + + if [ ! -d "$TA_DIR_FULL_PATH" ]; then + echo "ERROR: TA directory not found: $TA_DIR_FULL_PATH" + FAILED_EXAMPLES="$FAILED_EXAMPLES\n - $EXAMPLE_NAME ($TA_DIR)" + continue + fi + + if [ ! -f "$TA_DIR_FULL_PATH/Cargo.toml" ]; then + echo "ERROR: Cargo.toml not found in TA directory: $TA_DIR_FULL_PATH" + FAILED_EXAMPLES="$FAILED_EXAMPLES\n - $EXAMPLE_NAME ($TA_DIR)" + continue + fi + + echo "" + echo "→ Building TA [$((i+1))/$TA_COUNT]: $TA_DIR" + + # Determine STD_FLAG for TA + TA_STD_FLAG="" + if [ -n "$STD" ]; then + # In std mode: always pass --std flag to cargo-optee + TA_STD_FLAG="--std" + fi + + # Change to TA directory and run cargo-optee without --manifest-path + cd "$TA_DIR_FULL_PATH" + + # Run cargo-optee install and capture both stdout and stderr + if $CARGO_OPTEE install ta \ + --target-dir "$TA_INSTALL_DIR" \ + --ta-dev-kit-dir "$TA_DEV_KIT_DIR" \ + --arch "$ARCH_TA" \ + $TA_STD_FLAG; then + echo " ✓ TA installed successfully" + # Clean up build artifacts + $CARGO_OPTEE clean + else + echo " ✗ ERROR: Failed to install TA: $TA_DIR" + FAILED_EXAMPLES="$FAILED_EXAMPLES\n - $EXAMPLE_NAME ($TA_DIR)" + cd "$EXAMPLES_DIR" # Return to examples directory + continue + fi + + # Return to examples directory + cd "$EXAMPLES_DIR" + done + else + echo "WARNING: No TAs defined for $EXAMPLE_NAME" + fi + + # Build each CA + CA_INDEX=0 + while [[ "$CA_INDEX" -lt "$CA_COUNT" ]]; do + CA_DIR=$(echo "$CAS_JSON" | jq -r ".[$CA_INDEX]") + CA_DIR_FULL_PATH="$EXAMPLES_DIR/$CA_DIR" + + echo "" + echo "→ Building CA [$((CA_INDEX+1))/$CA_COUNT]: $CA_DIR" + + if [ ! -d "$CA_DIR_FULL_PATH" ]; then + echo "ERROR: CA directory not found: $CA_DIR_FULL_PATH" + FAILED_EXAMPLES="$FAILED_EXAMPLES\n - $EXAMPLE_NAME ($CA_DIR)" + CA_INDEX=$((CA_INDEX + 1)) + continue + fi + + if [ ! -f "$CA_DIR_FULL_PATH/Cargo.toml" ]; then + echo "ERROR: Cargo.toml not found in CA directory: $CA_DIR_FULL_PATH" + FAILED_EXAMPLES="$FAILED_EXAMPLES\n - $EXAMPLE_NAME ($CA_DIR)" + CA_INDEX=$((CA_INDEX + 1)) + continue + fi + + # Change to CA directory and run cargo-optee without --manifest-path + cd "$CA_DIR_FULL_PATH" + + if $CARGO_OPTEE install ca \ + --target-dir "$CA_INSTALL_DIR" \ + --optee-client-export "$OPTEE_CLIENT_EXPORT" \ + --arch "$ARCH_HOST"; then + echo " ✓ CA installed successfully" + # Clean up build artifacts + $CARGO_OPTEE clean + else + echo " ✗ ERROR: Failed to install CA: $CA_DIR" + FAILED_EXAMPLES="$FAILED_EXAMPLES\n - $EXAMPLE_NAME ($CA_DIR)" + cd "$EXAMPLES_DIR" # Return to examples directory + CA_INDEX=$((CA_INDEX + 1)) + continue + fi + + # Return to examples directory + cd "$EXAMPLES_DIR" + CA_INDEX=$((CA_INDEX + 1)) + done + + # Build each Plugin + PLUGIN_INDEX=0 + while [[ "$PLUGIN_INDEX" -lt "$PLUGIN_COUNT" ]]; do + PLUGIN_DIR=$(echo "$PLUGINS_JSON" | jq -r ".[$PLUGIN_INDEX]") + PLUGIN_DIR_FULL_PATH="$EXAMPLES_DIR/$PLUGIN_DIR" + + echo "" + echo "→ Building Plugin [$((PLUGIN_INDEX+1))/$PLUGIN_COUNT]: $PLUGIN_DIR" + + if [ ! -d "$PLUGIN_DIR_FULL_PATH" ]; then + echo "ERROR: Plugin directory not found: $PLUGIN_DIR_FULL_PATH" + FAILED_EXAMPLES="$FAILED_EXAMPLES\n - $EXAMPLE_NAME ($PLUGIN_DIR)" + PLUGIN_INDEX=$((PLUGIN_INDEX + 1)) + continue + fi + + if [ ! -f "$PLUGIN_DIR_FULL_PATH/Cargo.toml" ]; then + echo "ERROR: Cargo.toml not found in Plugin directory: $PLUGIN_DIR_FULL_PATH" + FAILED_EXAMPLES="$FAILED_EXAMPLES\n - $EXAMPLE_NAME ($PLUGIN_DIR)" + PLUGIN_INDEX=$((PLUGIN_INDEX + 1)) + continue + fi + + # Change to Plugin directory and run cargo-optee without --manifest-path + cd "$PLUGIN_DIR_FULL_PATH" + + if $CARGO_OPTEE install plugin \ + --target-dir "$PLUGIN_INSTALL_DIR" \ + --optee-client-export "$OPTEE_CLIENT_EXPORT" \ + --arch "$ARCH_HOST"; then + echo " ✓ Plugin installed successfully" + # Clean up build artifacts + $CARGO_OPTEE clean + else + echo " ✗ ERROR: Failed to install Plugin: $PLUGIN_DIR" + FAILED_EXAMPLES="$FAILED_EXAMPLES\n - $EXAMPLE_NAME ($PLUGIN_DIR)" + cd "$EXAMPLES_DIR" # Return to examples directory + PLUGIN_INDEX=$((PLUGIN_INDEX + 1)) + continue + fi + + # Return to examples directory + cd "$EXAMPLES_DIR" + PLUGIN_INDEX=$((PLUGIN_INDEX + 1)) + done + + echo "" + echo "✓ Example $EXAMPLE_NAME completed successfully" +done + +# Summary +echo "" +echo "===========================================" +echo " INSTALL SUMMARY" +echo "===========================================" +echo "" +echo "Mode: ${STD:-no-std}" +echo "Architecture: TA=$ARCH_TA, CA=$ARCH_CA" +echo "Examples: $CURRENT installed" +echo "Target dir: $SHARED_DIR" +echo "" + +if [ -n "$FAILED_EXAMPLES" ]; then + echo "❌ INSTALL FAILED" + echo "" + echo "Failed components:" + echo -e "$FAILED_EXAMPLES" + echo "" + exit 1 +else + echo "✅ ALL EXAMPLES INSTALLED SUCCESSFULLY!" + echo "" +fi + diff --git a/examples/Makefile b/examples/Makefile deleted file mode 100644 index db510077..00000000 --- a/examples/Makefile +++ /dev/null @@ -1,113 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# Default build parameters if not specified -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -CROSS_COMPILE_HOST ?= $(CROSS_COMPILE) -CROSS_COMPILE_TA ?= $(CROSS_COMPILE) -TARGET_HOST ?= $(TARGET) -TARGET_TA ?= $(TARGET) -BUILDER ?= cargo -FEATURES ?= - -# Define example categories based on std/no-std support -# STD-only examples (require STD=y to build) -STD_ONLY_EXAMPLES = \ - tls_client-rs \ - tls_server-rs \ - secure_db_abstraction-rs - -# NO-STD-only examples (require STD to be unset to build) -NO_STD_ONLY_EXAMPLES = \ - mnist-rs \ - build_with_optee_utee_sys-rs - -# Common examples (build in both std and no-std modes) -COMMON_EXAMPLES = \ - acipher-rs \ - aes-rs \ - authentication-rs \ - big_int-rs \ - diffie_hellman-rs \ - digest-rs \ - error_handling-rs \ - hello_world-rs \ - hotp-rs \ - inter_ta-rs \ - message_passing_interface-rs \ - property-rs \ - random-rs \ - secure_storage-rs \ - serde-rs \ - supp_plugin-rs \ - tcp_client-rs \ - time-rs \ - udp_socket-rs \ - signature_verification-rs \ - client_pool-rs - -# Clean targets -STD_ONLY_EXAMPLES_CLEAN = $(STD_ONLY_EXAMPLES:%=%-clean) -NO_STD_ONLY_EXAMPLES_CLEAN = $(NO_STD_ONLY_EXAMPLES:%=%-clean) -COMMON_EXAMPLES_CLEAN = $(COMMON_EXAMPLES:%=%-clean) - -# Build std examples (std-only + common examples) -std-examples: std-only-examples common-examples - -# Build no-std examples (no-std-only + common examples) -no-std-examples: no-std-only-examples common-examples - -# Build std-only examples -std-only-examples: $(STD_ONLY_EXAMPLES) - -# Build no-std-only examples -no-std-only-examples: $(NO_STD_ONLY_EXAMPLES) - -# Build common examples (always built) -common-examples: $(COMMON_EXAMPLES) - -# Individual example build rules -$(STD_ONLY_EXAMPLES) $(NO_STD_ONLY_EXAMPLES) $(COMMON_EXAMPLES): - $(q)make -C $@ TARGET_HOST=$(TARGET_HOST) \ - TARGET_TA=$(TARGET_TA) \ - CROSS_COMPILE_HOST=$(CROSS_COMPILE_HOST) \ - CROSS_COMPILE_TA=$(CROSS_COMPILE_TA) \ - TA_DEV_KIT_DIR=$(TA_DEV_KIT_DIR) \ - OPTEE_CLIENT_EXPORT=$(OPTEE_CLIENT_EXPORT) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -# Clean targets -clean: $(STD_ONLY_EXAMPLES_CLEAN) $(NO_STD_ONLY_EXAMPLES_CLEAN) $(COMMON_EXAMPLES_CLEAN) - -$(STD_ONLY_EXAMPLES_CLEAN) $(NO_STD_ONLY_EXAMPLES_CLEAN) $(COMMON_EXAMPLES_CLEAN): - $(q)make -C $(@:-clean=) clean - -# Help target -help: - @echo "Available targets:" - @echo " std-examples - Build std examples (std-only + common)" - @echo " no-std-examples - Build no-std examples (no-std-only + common)" - @echo " std-only-examples - Build std-only examples (requires STD=y)" - @echo " no-std-only-examples - Build no-std-only examples (requires STD unset)" - @echo " common-examples - Build examples that work in both modes" - @echo " clean - Clean all examples" - -.PHONY: std-examples no-std-examples std-only-examples no-std-only-examples common-examples \ - $(STD_ONLY_EXAMPLES) $(NO_STD_ONLY_EXAMPLES) $(COMMON_EXAMPLES) \ - $(STD_ONLY_EXAMPLES_CLEAN) $(NO_STD_ONLY_EXAMPLES_CLEAN) $(COMMON_EXAMPLES_CLEAN) clean help diff --git a/examples/acipher-rs/Makefile b/examples/acipher-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/acipher-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/acipher-rs/host/Makefile b/examples/acipher-rs/host/Makefile deleted file mode 100644 index fcafa820..00000000 --- a/examples/acipher-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := acipher-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/acipher-rs/ta/Makefile b/examples/acipher-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/acipher-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/aes-rs/Makefile b/examples/aes-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/aes-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/aes-rs/ta/Makefile b/examples/aes-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/aes-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/authentication-rs/Makefile b/examples/authentication-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/authentication-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/authentication-rs/host/Makefile b/examples/authentication-rs/host/Makefile deleted file mode 100644 index 6918a350..00000000 --- a/examples/authentication-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := authentication-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/authentication-rs/ta/Makefile b/examples/authentication-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/authentication-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/big_int-rs/Makefile b/examples/big_int-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/big_int-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/big_int-rs/host/Makefile b/examples/big_int-rs/host/Makefile deleted file mode 100644 index 7aefadde..00000000 --- a/examples/big_int-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := big_int-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/big_int-rs/ta/Makefile b/examples/big_int-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/big_int-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/build_with_optee_utee_sys-rs/Makefile b/examples/build_with_optee_utee_sys-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/build_with_optee_utee_sys-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/build_with_optee_utee_sys-rs/host/Makefile b/examples/build_with_optee_utee_sys-rs/host/Makefile deleted file mode 100644 index a5951ab3..00000000 --- a/examples/build_with_optee_utee_sys-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := build_with_optee_utee_sys-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) -vv - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/build_with_optee_utee_sys-rs/ta/Makefile b/examples/build_with_optee_utee_sys-rs/ta/Makefile deleted file mode 100644 index bc8d04ea..00000000 --- a/examples/build_with_optee_utee_sys-rs/ta/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" -# fix for the error: "unwinding panics are not supported without std" reported by clippy -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" cargo clippy --target $(TARGET) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" cargo build --target $(TARGET) --release --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/client_pool-rs/Makefile b/examples/client_pool-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/client_pool-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/client_pool-rs/host/Makefile b/examples/client_pool-rs/host/Makefile deleted file mode 100644 index 8928f13b..00000000 --- a/examples/client_pool-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := client_pool-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/client_pool-rs/ta/Makefile b/examples/client_pool-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/client_pool-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/diffie_hellman-rs/Makefile b/examples/diffie_hellman-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/diffie_hellman-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/diffie_hellman-rs/host/Makefile b/examples/diffie_hellman-rs/host/Makefile deleted file mode 100644 index 99e9c8dd..00000000 --- a/examples/diffie_hellman-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := diffie_hellman-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/diffie_hellman-rs/ta/Makefile b/examples/diffie_hellman-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/diffie_hellman-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/digest-rs/Makefile b/examples/digest-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/digest-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/digest-rs/host/Makefile b/examples/digest-rs/host/Makefile deleted file mode 100644 index 2afa5770..00000000 --- a/examples/digest-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := digest-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/digest-rs/ta/Makefile b/examples/digest-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/digest-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/error_handling-rs/Makefile b/examples/error_handling-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/error_handling-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/error_handling-rs/host/Makefile b/examples/error_handling-rs/host/Makefile deleted file mode 100644 index 1e85505a..00000000 --- a/examples/error_handling-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := error_handling-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/error_handling-rs/ta/Makefile b/examples/error_handling-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/error_handling-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/hello_world-rs/Makefile b/examples/hello_world-rs/Makefile deleted file mode 100644 index 8cfb9051..00000000 --- a/examples/hello_world-rs/Makefile +++ /dev/null @@ -1,51 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo - - -.PHONY: all host ta clean emulate - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -emulate: - $(q)make -C host emulate TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - $(q)make -C ta emulate TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean diff --git a/examples/hello_world-rs/host/Makefile b/examples/hello_world-rs/host/Makefile deleted file mode 100644 index 12859e07..00000000 --- a/examples/hello_world-rs/host/Makefile +++ /dev/null @@ -1,44 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := hello_world-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release -.PHONY: all host strip clean emulate - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -emulate: all - @sync_to_emulator --host $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/hello_world-rs/ta/Makefile b/examples/hello_world-rs/ta/Makefile deleted file mode 100644 index 7733b65b..00000000 --- a/examples/hello_world-rs/ta/Makefile +++ /dev/null @@ -1,57 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -emulate: all - @sync_to_emulator --ta $(OUT_DIR)/$(UUID).ta - -clean: - @cargo clean diff --git a/examples/hotp-rs/Makefile b/examples/hotp-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/hotp-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/hotp-rs/host/Makefile b/examples/hotp-rs/host/Makefile deleted file mode 100644 index 05b2606d..00000000 --- a/examples/hotp-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := hotp-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/hotp-rs/ta/Makefile b/examples/hotp-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/hotp-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/inter_ta-rs/Makefile b/examples/inter_ta-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/inter_ta-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/inter_ta-rs/host/Makefile b/examples/inter_ta-rs/host/Makefile deleted file mode 100644 index faf32001..00000000 --- a/examples/inter_ta-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := inter_ta-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/inter_ta-rs/ta/Makefile b/examples/inter_ta-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/inter_ta-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/message_passing_interface-rs/Makefile b/examples/message_passing_interface-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/message_passing_interface-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/message_passing_interface-rs/host/Makefile b/examples/message_passing_interface-rs/host/Makefile deleted file mode 100644 index ce99050e..00000000 --- a/examples/message_passing_interface-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := message_passing_interface-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/message_passing_interface-rs/ta/Makefile b/examples/message_passing_interface-rs/ta/Makefile deleted file mode 100644 index edaa38d1..00000000 --- a/examples/message_passing_interface-rs/ta/Makefile +++ /dev/null @@ -1,59 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort -ifeq ($(BUILDER),xargo) -EXTRA_FLAGS = -else -EXTRA_FLAGS = -Z build-std=core,alloc -Z build-std-features=panic_immediate_abort -endif - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(EXTRA_FLAGS) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) $(EXTRA_FLAGS) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/metadata.json b/examples/metadata.json new file mode 100644 index 00000000..e6941be4 --- /dev/null +++ b/examples/metadata.json @@ -0,0 +1,138 @@ +{ + "examples": { + "message_passing_interface-rs": { + "category": "common", + "tas": ["message_passing_interface-rs/ta"], + "cas": ["message_passing_interface-rs/host"] + }, + "serde-rs": { + "category": "common", + "tas": ["serde-rs/ta"], + "cas": ["serde-rs/host"] + }, + "tls_client-rs": { + "category": "std-only", + "tas": ["tls_client-rs/ta"], + "cas": ["tls_client-rs/host"] + }, + "tls_server-rs": { + "category": "std-only", + "tas": ["tls_server-rs/ta"], + "cas": ["tls_server-rs/host"] + }, + "secure_db_abstraction-rs": { + "category": "std-only", + "tas": ["secure_db_abstraction-rs/ta"], + "cas": ["secure_db_abstraction-rs/host"] + }, + "mnist-rs": { + "category": "no-std-only", + "tas": [ + "mnist-rs/ta/inference", + "mnist-rs/ta/train" + ], + "cas": ["mnist-rs/host"] + }, + "build_with_optee_utee_sys-rs": { + "category": "no-std-only", + "tas": ["build_with_optee_utee_sys-rs/ta"], + "cas": ["build_with_optee_utee_sys-rs/host"] + }, + "acipher-rs": { + "category": "common", + "tas": ["acipher-rs/ta"], + "cas": ["acipher-rs/host"] + }, + "aes-rs": { + "category": "common", + "tas": ["aes-rs/ta"], + "cas": ["aes-rs/host"] + }, + "authentication-rs": { + "category": "common", + "tas": ["authentication-rs/ta"], + "cas": ["authentication-rs/host"] + }, + "big_int-rs": { + "category": "common", + "tas": ["big_int-rs/ta"], + "cas": ["big_int-rs/host"] + }, + "diffie_hellman-rs": { + "category": "common", + "tas": ["diffie_hellman-rs/ta"], + "cas": ["diffie_hellman-rs/host"] + }, + "digest-rs": { + "category": "common", + "tas": ["digest-rs/ta"], + "cas": ["digest-rs/host"] + }, + "error_handling-rs": { + "category": "common", + "tas": ["error_handling-rs/ta"], + "cas": ["error_handling-rs/host"] + }, + "hello_world-rs": { + "category": "common", + "tas": ["hello_world-rs/ta"], + "cas": ["hello_world-rs/host"] + }, + "hotp-rs": { + "category": "common", + "tas": ["hotp-rs/ta"], + "cas": ["hotp-rs/host"] + }, + "inter_ta-rs": { + "category": "common", + "tas": ["inter_ta-rs/ta"], + "cas": ["inter_ta-rs/host"] + }, + "property-rs": { + "category": "common", + "tas": ["property-rs/ta"], + "cas": ["property-rs/host"] + }, + "random-rs": { + "category": "common", + "tas": ["random-rs/ta"], + "cas": ["random-rs/host"] + }, + "secure_storage-rs": { + "category": "common", + "tas": ["secure_storage-rs/ta"], + "cas": ["secure_storage-rs/host"] + }, + "supp_plugin-rs": { + "category": "common", + "tas": ["supp_plugin-rs/ta"], + "cas": ["supp_plugin-rs/host"], + "plugins": ["supp_plugin-rs/plugin"] + }, + "tcp_client-rs": { + "category": "common", + "tas": ["tcp_client-rs/ta"], + "cas": ["tcp_client-rs/host"] + }, + "time-rs": { + "category": "common", + "tas": ["time-rs/ta"], + "cas": ["time-rs/host"] + }, + "udp_socket-rs": { + "category": "common", + "tas": ["udp_socket-rs/ta"], + "cas": ["udp_socket-rs/host"] + }, + "signature_verification-rs": { + "category": "common", + "tas": ["signature_verification-rs/ta"], + "cas": ["signature_verification-rs/host"] + }, + "client_pool-rs": { + "category": "common", + "tas": ["client_pool-rs/ta"], + "cas": ["client_pool-rs/host"] + } + } +} diff --git a/examples/mnist-rs/Makefile b/examples/mnist-rs/Makefile deleted file mode 100644 index fc8410cf..00000000 --- a/examples/mnist-rs/Makefile +++ /dev/null @@ -1,52 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: toolchain host ta - -toolchain: - rustup toolchain install - -host: toolchain - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: toolchain - $(q)make -C ta/train TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - $(q)make -C ta/inference TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - cd proto && cargo clean - $(q)make -C ta/train clean - $(q)make -C ta/inference clean diff --git a/examples/mnist-rs/host/Makefile b/examples/mnist-rs/host/Makefile deleted file mode 100644 index 00518a24..00000000 --- a/examples/mnist-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := mnist-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/mnist-rs/ta/inference/Cargo.toml b/examples/mnist-rs/ta/inference/Cargo.toml index b10e3061..eb6d1a36 100644 --- a/examples/mnist-rs/ta/inference/Cargo.toml +++ b/examples/mnist-rs/ta/inference/Cargo.toml @@ -25,6 +25,9 @@ license.workspace = true repository.workspace = true edition.workspace = true +[package.metadata.optee.ta] +uuid-path = "uuid.txt" + [dependencies] common = { path = "../common" } proto = { workspace = true } diff --git a/examples/mnist-rs/ta/inference/Makefile b/examples/mnist-rs/ta/inference/Makefile deleted file mode 100644 index 00bf71fb..00000000 --- a/examples/mnist-rs/ta/inference/Makefile +++ /dev/null @@ -1,51 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "./uuid.txt") -NAME := inference - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" -# fix for the error: "unwinding panics are not supported without std" reported by clippy -RUSTFLAGS := -C panic=abort -EXTRA_FLAGS = -Z build-std=core,alloc -Z build-std-features=panic_immediate_abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/../target/$(TARGET)/release - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" cargo clippy --target $(TARGET) $(EXTRA_FLAGS) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" cargo build --target $(TARGET) --release --config $(LINKER_CFG) $(EXTRA_FLAGS) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/stripped_$(NAME) - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_$(NAME) --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/mnist-rs/ta/train/Cargo.toml b/examples/mnist-rs/ta/train/Cargo.toml index a0c24f98..1d00239b 100644 --- a/examples/mnist-rs/ta/train/Cargo.toml +++ b/examples/mnist-rs/ta/train/Cargo.toml @@ -25,6 +25,9 @@ license.workspace = true repository.workspace = true edition.workspace = true +[package.metadata.optee.ta] +uuid-path = "uuid.txt" + [dependencies] common = { path = "../common" } proto = { workspace = true } diff --git a/examples/mnist-rs/ta/train/Makefile b/examples/mnist-rs/ta/train/Makefile deleted file mode 100644 index 34594c51..00000000 --- a/examples/mnist-rs/ta/train/Makefile +++ /dev/null @@ -1,51 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "./uuid.txt") -NAME := train - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" -# fix for the error: "unwinding panics are not supported without std" reported by clippy -RUSTFLAGS := -C panic=abort -EXTRA_FLAGS = -Z build-std=core,alloc - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/../target/$(TARGET)/release - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" cargo clippy --target $(TARGET) $(EXTRA_FLAGS) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" cargo build --target $(TARGET) --release --config $(LINKER_CFG) $(EXTRA_FLAGS) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/stripped_$(NAME) - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_$(NAME) --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/property-rs/Makefile b/examples/property-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/property-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/property-rs/host/Makefile b/examples/property-rs/host/Makefile deleted file mode 100644 index 9064532d..00000000 --- a/examples/property-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := property-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/property-rs/ta/Makefile b/examples/property-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/property-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/random-rs/Makefile b/examples/random-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/random-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/random-rs/host/Makefile b/examples/random-rs/host/Makefile deleted file mode 100644 index fd4801fc..00000000 --- a/examples/random-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := random-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/random-rs/ta/Makefile b/examples/random-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/random-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/secure_db_abstraction-rs/Makefile b/examples/secure_db_abstraction-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/secure_db_abstraction-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/secure_db_abstraction-rs/host/Makefile b/examples/secure_db_abstraction-rs/host/Makefile deleted file mode 100644 index d4481cd7..00000000 --- a/examples/secure_db_abstraction-rs/host/Makefile +++ /dev/null @@ -1,42 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# STD-ONLY example - -NAME := secure_db_abstraction-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/secure_db_abstraction-rs/ta/Cargo.toml b/examples/secure_db_abstraction-rs/ta/Cargo.toml index 8b666fc9..a9471ddf 100644 --- a/examples/secure_db_abstraction-rs/ta/Cargo.toml +++ b/examples/secure_db_abstraction-rs/ta/Cargo.toml @@ -33,6 +33,11 @@ secure_db = { path = "../../../crates/secure_db" } anyhow = "1.0" serde = { version = "1.0", features = ["derive"] } +[features] +# std feature is required for this TA - it uses std-only dependencies +# Build will fail without this feature enabled +std = [] + [build-dependencies] proto = { path = "../proto" } optee-utee-build = { path = "../../../optee-utee-build" } diff --git a/examples/secure_db_abstraction-rs/ta/Makefile b/examples/secure_db_abstraction-rs/ta/Makefile deleted file mode 100644 index 086bba13..00000000 --- a/examples/secure_db_abstraction-rs/ta/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# STD-ONLY example - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-optee -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy ta strip sign - -clippy: - @cargo fmt - @xargo clippy --target $(TARGET) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @xargo build --target $(TARGET) --release --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/secure_db_abstraction-rs/ta/build.rs b/examples/secure_db_abstraction-rs/ta/build.rs index fa2cd0f4..57fe3656 100644 --- a/examples/secure_db_abstraction-rs/ta/build.rs +++ b/examples/secure_db_abstraction-rs/ta/build.rs @@ -18,6 +18,10 @@ use optee_utee_build::{Error, RustEdition, TaConfig}; fn main() -> Result<(), Error> { + // Enforce that the std feature must be enabled for this TA + #[cfg(not(feature = "std"))] + compile_error!("This TA requires the 'std' feature to be enabled. Build with --features std"); + let ta_config = TaConfig::new_default_with_cargo_env(proto::UUID)?; optee_utee_build::build(RustEdition::Before2024, ta_config) } diff --git a/examples/secure_storage-rs/Makefile b/examples/secure_storage-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/secure_storage-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/secure_storage-rs/host/Makefile b/examples/secure_storage-rs/host/Makefile deleted file mode 100644 index 5597ef97..00000000 --- a/examples/secure_storage-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := secure_storage-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/secure_storage-rs/ta/Makefile b/examples/secure_storage-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/secure_storage-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/serde-rs/Makefile b/examples/serde-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/serde-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/serde-rs/host/Makefile b/examples/serde-rs/host/Makefile deleted file mode 100644 index 81efbc97..00000000 --- a/examples/serde-rs/host/Makefile +++ /dev/null @@ -1,41 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := serde-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean - diff --git a/examples/serde-rs/ta/Makefile b/examples/serde-rs/ta/Makefile deleted file mode 100644 index fcb50dae..00000000 --- a/examples/serde-rs/ta/Makefile +++ /dev/null @@ -1,60 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort -ifeq ($(BUILDER),xargo) -EXTRA_FLAGS = -else -EXTRA_FLAGS = -Z build-std=core,alloc -Z build-std-features=panic_immediate_abort -endif - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(EXTRA_FLAGS) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) $(EXTRA_FLAGS) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean - diff --git a/examples/signature_verification-rs/Makefile b/examples/signature_verification-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/signature_verification-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/signature_verification-rs/host/Makefile b/examples/signature_verification-rs/host/Makefile deleted file mode 100644 index 69fe848b..00000000 --- a/examples/signature_verification-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := signature_verification-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/signature_verification-rs/ta/Makefile b/examples/signature_verification-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/signature_verification-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/supp_plugin-rs/Makefile b/examples/supp_plugin-rs/Makefile deleted file mode 100644 index 660bcba3..00000000 --- a/examples/supp_plugin-rs/Makefile +++ /dev/null @@ -1,48 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta plugin all clean - -all: host ta plugin - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -plugin: - $(q)make -C plugin TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -clean: - $(q)make -C host clean - $(q)make -C plugin clean - $(q)make -C ta clean diff --git a/examples/supp_plugin-rs/host/Cargo.toml b/examples/supp_plugin-rs/host/Cargo.toml index e09c6530..d75aeb3a 100644 --- a/examples/supp_plugin-rs/host/Cargo.toml +++ b/examples/supp_plugin-rs/host/Cargo.toml @@ -24,6 +24,11 @@ repository = "https://github.com/apache/teaclave-trustzone-sdk.git" description = "An example of Rust OP-TEE TrustZone SDK." edition = "2018" +[package.metadata.optee.ca] +arch = "aarch64" +debug = false +optee-client-export = { aarch64 = "../../../optee/optee_client/export_arm64", arm = "../../../optee/optee_client/export_arm32" } + [dependencies] libc = "0.2.48" proto = { path = "../proto" } diff --git a/examples/supp_plugin-rs/host/Makefile b/examples/supp_plugin-rs/host/Makefile deleted file mode 100644 index 7731bb5b..00000000 --- a/examples/supp_plugin-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := supp_plugin-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/supp_plugin-rs/plugin/Cargo.toml b/examples/supp_plugin-rs/plugin/Cargo.toml index dd7949e9..5ecb7317 100644 --- a/examples/supp_plugin-rs/plugin/Cargo.toml +++ b/examples/supp_plugin-rs/plugin/Cargo.toml @@ -34,6 +34,10 @@ uuid = { version = "0.8" } proto = { path = "../proto" } anyhow = "1.0" +[package.metadata.optee.plugin] +uuid-path = "../plugin_uuid.txt" +optee-client-export = { aarch64 = "../../../optee/optee_client/export_arm64" } + [profile.release] lto = true diff --git a/examples/supp_plugin-rs/plugin/Makefile b/examples/supp_plugin-rs/plugin/Makefile deleted file mode 100644 index e1b5b89b..00000000 --- a/examples/supp_plugin-rs/plugin/Makefile +++ /dev/null @@ -1,39 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := syslog_plugin -PLUGIN_UUID := `cat ../plugin_uuid.txt` - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET) --release --config $(LINKER_CFG) - cp $(CURDIR)/target/$(TARGET)/release/lib$(NAME).so $(CURDIR)/target/$(TARGET)/release/$(PLUGIN_UUID).plugin.so - -clean: - @cargo clean diff --git a/examples/supp_plugin-rs/ta/Cargo.toml b/examples/supp_plugin-rs/ta/Cargo.toml index b607aced..7bf2ac58 100644 --- a/examples/supp_plugin-rs/ta/Cargo.toml +++ b/examples/supp_plugin-rs/ta/Cargo.toml @@ -24,6 +24,14 @@ repository = "https://github.com/apache/teaclave-trustzone-sdk.git" description = "An example of Rust OP-TEE TrustZone SDK." edition = "2018" +[package.metadata.optee.ta] +arch = "aarch64" +debug = false +std = false +uuid-path = "../ta_uuid.txt" +ta-dev-kit-dir = { aarch64 = "../../../optee/optee_os/out/arm-plat-vexpress/export-ta_arm64" } +signing-key = "" + [features] default = [] std = ["optee-utee/std", "optee-utee-sys/std"] diff --git a/examples/supp_plugin-rs/ta/Makefile b/examples/supp_plugin-rs/ta/Makefile deleted file mode 100644 index 515492a1..00000000 --- a/examples/supp_plugin-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../ta_uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/tcp_client-rs/Makefile b/examples/tcp_client-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/tcp_client-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/tcp_client-rs/host/Makefile b/examples/tcp_client-rs/host/Makefile deleted file mode 100644 index 835a3550..00000000 --- a/examples/tcp_client-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := tcp_client-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/tcp_client-rs/ta/Makefile b/examples/tcp_client-rs/ta/Makefile deleted file mode 100644 index 8830d17d..00000000 --- a/examples/tcp_client-rs/ta/Makefile +++ /dev/null @@ -1,56 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# STD-ONLY example - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/time-rs/Makefile b/examples/time-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/time-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/time-rs/host/Makefile b/examples/time-rs/host/Makefile deleted file mode 100644 index e4df8d70..00000000 --- a/examples/time-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := time-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/time-rs/ta/Makefile b/examples/time-rs/ta/Makefile deleted file mode 100644 index 4b03489b..00000000 --- a/examples/time-rs/ta/Makefile +++ /dev/null @@ -1,54 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/tls_client-rs/Makefile b/examples/tls_client-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/tls_client-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/tls_client-rs/host/Makefile b/examples/tls_client-rs/host/Makefile deleted file mode 100644 index da547925..00000000 --- a/examples/tls_client-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := tls_client-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/tls_client-rs/ta/Cargo.toml b/examples/tls_client-rs/ta/Cargo.toml index 3f85be63..6bf11615 100644 --- a/examples/tls_client-rs/ta/Cargo.toml +++ b/examples/tls_client-rs/ta/Cargo.toml @@ -37,6 +37,11 @@ anyhow = "1.0" # Add getrandom and enable its custom feature, see more details in main.rs getrandom = { version = "0.2", default-features = false, features = ["custom"] } +[features] +# std feature is required for this TA - it uses std-only dependencies +# Build will fail without this feature enabled +std = [] + [build-dependencies] proto = { path = "../proto" } optee-utee-build = { path = "../../../optee-utee-build" } diff --git a/examples/tls_client-rs/ta/Makefile b/examples/tls_client-rs/ta/Makefile deleted file mode 100644 index 086bba13..00000000 --- a/examples/tls_client-rs/ta/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# STD-ONLY example - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-optee -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy ta strip sign - -clippy: - @cargo fmt - @xargo clippy --target $(TARGET) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @xargo build --target $(TARGET) --release --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/tls_client-rs/ta/build.rs b/examples/tls_client-rs/ta/build.rs index 6b02270f..865025e8 100644 --- a/examples/tls_client-rs/ta/build.rs +++ b/examples/tls_client-rs/ta/build.rs @@ -18,6 +18,10 @@ use optee_utee_build::{Error, RustEdition, TaConfig}; fn main() -> Result<(), Error> { + // Enforce that the std feature must be enabled for this TA + #[cfg(not(feature = "std"))] + compile_error!("This TA requires the 'std' feature to be enabled. Build with --features std"); + let ta_config = TaConfig::new_default_with_cargo_env(proto::UUID)? .ta_data_size(18 * 1024 * 1024) .ta_stack_size(2 * 1024 * 1024); diff --git a/examples/tls_server-rs/Makefile b/examples/tls_server-rs/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/examples/tls_server-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/examples/tls_server-rs/host/Makefile b/examples/tls_server-rs/host/Makefile deleted file mode 100644 index be9bd4f3..00000000 --- a/examples/tls_server-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := tls_server-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/tls_server-rs/ta/Cargo.toml b/examples/tls_server-rs/ta/Cargo.toml index 279fa348..519f9581 100644 --- a/examples/tls_server-rs/ta/Cargo.toml +++ b/examples/tls_server-rs/ta/Cargo.toml @@ -37,6 +37,11 @@ anyhow = "1.0" # Add getrandom and enable its custom feature, see more details in main.rs getrandom = { version = "0.2", default-features = false, features = ["custom"] } +[features] +# std feature is required for this TA - it uses std-only dependencies +# Build will fail without this feature enabled +std = [] + [build-dependencies] proto = { path = "../proto" } optee-utee-build = { path = "../../../optee-utee-build" } diff --git a/examples/tls_server-rs/ta/Makefile b/examples/tls_server-rs/ta/Makefile deleted file mode 100644 index 086bba13..00000000 --- a/examples/tls_server-rs/ta/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# STD-ONLY example - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-optee -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy ta strip sign - -clippy: - @cargo fmt - @xargo clippy --target $(TARGET) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @xargo build --target $(TARGET) --release --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/examples/tls_server-rs/ta/build.rs b/examples/tls_server-rs/ta/build.rs index 6b02270f..865025e8 100644 --- a/examples/tls_server-rs/ta/build.rs +++ b/examples/tls_server-rs/ta/build.rs @@ -18,6 +18,10 @@ use optee_utee_build::{Error, RustEdition, TaConfig}; fn main() -> Result<(), Error> { + // Enforce that the std feature must be enabled for this TA + #[cfg(not(feature = "std"))] + compile_error!("This TA requires the 'std' feature to be enabled. Build with --features std"); + let ta_config = TaConfig::new_default_with_cargo_env(proto::UUID)? .ta_data_size(18 * 1024 * 1024) .ta_stack_size(2 * 1024 * 1024); diff --git a/examples/udp_socket-rs/Makefile b/examples/udp_socket-rs/Makefile deleted file mode 100644 index 6b56d78a..00000000 --- a/examples/udp_socket-rs/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean diff --git a/examples/udp_socket-rs/host/Makefile b/examples/udp_socket-rs/host/Makefile deleted file mode 100644 index 9a605a07..00000000 --- a/examples/udp_socket-rs/host/Makefile +++ /dev/null @@ -1,40 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := udp_socket-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -all: clippy host strip - -clippy: - @cargo fmt - @cargo clippy --target $(TARGET_HOST) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -host: clippy - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean diff --git a/examples/udp_socket-rs/ta/Makefile b/examples/udp_socket-rs/ta/Makefile deleted file mode 100644 index e407b272..00000000 --- a/examples/udp_socket-rs/ta/Makefile +++ /dev/null @@ -1,57 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# STD-ONLY example - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -# fix for the error: "unwinding panics are not supported without std" reported by clippy -# Set panic=abort for std and no-std -RUSTFLAGS := -C panic=abort - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET)/release - -BUILDER ?= cargo -FEATURES ?= -FEATURES ?= - -all: clippy ta strip sign - -clippy: - @cargo fmt - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) clippy --target $(TARGET) $(FEATURES) -- -D warnings -D clippy::unwrap_used -D clippy::expect_used -D clippy::panic - -ta: clippy - @RUSTFLAGS="$(RUSTFLAGS)" $(BUILDER) build --target $(TARGET) --release $(FEATURES) --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean diff --git a/optee-utee-build/src/linker.rs b/optee-utee-build/src/linker.rs index d2643596..9cf37cc1 100644 --- a/optee-utee-build/src/linker.rs +++ b/optee-utee-build/src/linker.rs @@ -126,10 +126,11 @@ impl Linker { out_dir: PathBuf, ta_dev_kit_dir: PathBuf, ) -> Result<(), Error> { - const ENV_TARGET_TA: &str = "TARGET_TA"; - println!("cargo:rerun-if-env-changed={}", ENV_TARGET_TA); + // cargo passes TARGET as env to the build scripts + const ENV_TARGET: &str = "TARGET"; + println!("cargo:rerun-if-env-changed={}", ENV_TARGET); let mut aarch64_flag = true; - match env::var(ENV_TARGET_TA) { + match env::var(ENV_TARGET) { Ok(ref v) if v == "arm-unknown-linux-gnueabihf" || v == "arm-unknown-optee" => { match self.linker_type { LinkerType::Cc => println!("cargo:rustc-link-arg=-Wl,--no-warn-mismatch"), diff --git a/projects/web3/eth_wallet/Makefile b/projects/web3/eth_wallet/Makefile deleted file mode 100644 index 3304f50b..00000000 --- a/projects/web3/eth_wallet/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# If _HOST or _TA specific compiler/target are not specified, then use common -# compiler/target for both -CROSS_COMPILE_HOST ?= aarch64-linux-gnu- -CROSS_COMPILE_TA ?= aarch64-linux-gnu- -TARGET_HOST ?= aarch64-unknown-linux-gnu -TARGET_TA ?= aarch64-unknown-linux-gnu -BUILDER ?= cargo -FEATURES ?= - -.PHONY: host ta all clean - -all: host ta - -host: - $(q)make -C host TARGET=$(TARGET_HOST) \ - CROSS_COMPILE=$(CROSS_COMPILE_HOST) - -ta: - $(q)make -C ta TARGET=$(TARGET_TA) \ - CROSS_COMPILE=$(CROSS_COMPILE_TA) \ - BUILDER=$(BUILDER) \ - FEATURES="$(FEATURES)" - -clean: - $(q)make -C host clean - $(q)make -C ta clean \ No newline at end of file diff --git a/projects/web3/eth_wallet/host/Makefile b/projects/web3/eth_wallet/host/Makefile deleted file mode 100644 index 3faa2dd7..00000000 --- a/projects/web3/eth_wallet/host/Makefile +++ /dev/null @@ -1,35 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -NAME := eth_wallet-rs - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE)objcopy -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -OUT_DIR := $(CURDIR)/target/$(TARGET)/release -all: host strip - -host: - @cargo build --target $(TARGET_HOST) --release --config $(LINKER_CFG) - -strip: host - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/$(NAME) $(OUT_DIR)/$(NAME) - -clean: - @cargo clean \ No newline at end of file diff --git a/projects/web3/eth_wallet/ta/Makefile b/projects/web3/eth_wallet/ta/Makefile deleted file mode 100644 index 453b583a..00000000 --- a/projects/web3/eth_wallet/ta/Makefile +++ /dev/null @@ -1,49 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -# STD-ONLY example - -UUID ?= $(shell cat "../uuid.txt") - -TARGET ?= aarch64-unknown-linux-gnu -CROSS_COMPILE ?= aarch64-linux-gnu- -OBJCOPY := $(CROSS_COMPILE_TA)objcopy -# Configure the linker to use GCC, which works on both cross-compilation and ARM machines -LINKER_CFG := target.$(TARGET).linker=\"$(CROSS_COMPILE)gcc\" - -TA_SIGN_KEY ?= $(TA_DEV_KIT_DIR)/keys/default_ta.pem -SIGN := $(TA_DEV_KIT_DIR)/scripts/sign_encrypt.py -OUT_DIR := $(CURDIR)/target/$(TARGET_TA)/release - -all: clippy ta strip sign - -clippy: - @cargo fmt - @xargo clippy --target $(TARGET) -- -D warnings - -ta: clippy - @xargo build --target $(TARGET) --release --config $(LINKER_CFG) - -strip: ta - @$(OBJCOPY) --strip-unneeded $(OUT_DIR)/ta $(OUT_DIR)/stripped_ta - -sign: strip - @$(SIGN) --uuid $(UUID) --key $(TA_SIGN_KEY) --in $(OUT_DIR)/stripped_ta --out $(OUT_DIR)/$(UUID).ta - @echo "SIGN => ${UUID}" - -clean: - @cargo clean \ No newline at end of file