ivila opened a new issue, #155: URL: https://github.com/apache/incubator-teaclave-trustzone-sdk/issues/155
## Reason There are some reasons that makes us struggle with current build process: ### 1) ta_static.rs This file was copy again and again, and it is meaningless for the TA, and TA need to write some configurations consts with specific names to combine with it, developers keep repeating themselves and make some new comers confusing, especially the `EXT_PROP_VALUE_1` and `EXT_PROP_VALUE_2`. ### 2) the linking process There are bunch of codes copy again and again, some of the new comers confuse about the codes in the build.rs, why they are here, what did they do, what is the ta.lds, etc. ### 3) the upgrade process Sometimes we need to update the codes, for example: 1. update build and link script as you do: [examples: polish linking script](https://github.com/apache/incubator-teaclave-trustzone-sdk/commit/a6b5cfbfbbe039aa17d954122f95c7d2b8fcf158#diff-c0cdd7b28f558bd417069b8e60ed35b70ac1cd01e68e3c0ba6c7311a5a444e22L42-R42) 2. update `#[no_mangle]` to `#[unsafe(no_mangle)]` as rust 2024 required 3. add some extra properties Every time we do so, we need to update every crates in our repo, and must provide a detail description letting developers know which line to change, however developers expect they should just upgrade the version rather than modify the ta_static.rs, build.rs, main.rs again and again. ## Proposal We should add a `optee-utee-build` crate, this crate can: 1. provide a TAConfig struct and generate user_ta_header.rs automatically: just like [`prost-build`](https://docs.rs/prost-build/latest/prost_build/) for `prost`, developers could just include the generated file in their `src/main.rs`, save them from ta.static.rs and configurations consts with specific names. 2. handle linking automatically: generate ta.lds and link to it automatically, with other linking process. 3. provide a easy way for upgrade: every time we need to change something about the building process, we just upgrade this crate. By using this crate, the `build.rs` in hello-world-rs change to: ```rust // new build.rs use proto; use optee_utee_build::{TAConfig, RustEdition, Error}; fn main() -> Result<(), Error> { let config = TAConfig::new_standard("0.1", "This is a hello world example.", "Hello World TA"); optee_utee_build::build(RustEdition::Before2024, proto::UUID, config) } ``` And for reference, current codes: https://github.com/apache/incubator-teaclave-trustzone-sdk/blob/8bb315f2e0cc1105ad372b8de9024652b234fc2b/examples/hello_world-rs/ta/build.rs#L18-L103 And people can remove the configuration consts: ```rust /* TA configurations was removed, and should set by TAConfig in build.rs // TA configurations const TA_FLAGS: u32 = 0; const TA_DATA_SIZE: u32 = 32 * 1024; const TA_STACK_SIZE: u32 = 2 * 1024; const TA_VERSION: &[u8] = b"0.1\0"; const TA_DESCRIPTION: &[u8] = b"This is a hello world example.\0"; const EXT_PROP_VALUE_1: &[u8] = b"Hello World TA\0"; const EXT_PROP_VALUE_2: u32 = 0x0010; const TRACE_LEVEL: i32 = 4; const TRACE_EXT_PREFIX: &[u8] = b"TA\0"; const TA_FRAMEWORK_STACK_SIZE: u32 = 2048; */ include!(concat!(env!("OUT_DIR"), "/user_ta_header.rs")); // this keeps ``` ## Demo Please check the optee-utee-build branch in my fork. You can also view the changes by this [link](https://github.com/ivila/incubator-teaclave-trustzone-sdk/commit/128540f2e5bdb5b516f18224f2e76a7fb747a952#diff-71038f9be390e656abab640ce2f55aa1cd9fd53543796dce2b564860076e4c72) All the pipeline passed, check [this](https://github.com/ivila/incubator-teaclave-trustzone-sdk/actions/runs/12423547635/job/34688788366) The core changes are: ### 1. add optee-utee-crate 1. Add TAConfig struct, people use this to set the configuration of TA. ```rust #[derive(Debug, Clone)] pub struct TAConfig { pub ta_flags: u32, pub ta_data_size: u32, pub ta_stack_size: u32, pub ta_version: String, pub ta_description: String, pub trace_level: i32, pub trace_ext_prefix: String, pub ta_framework_stack_size: u32, pub ext_properties: Vec<Property>, } ``` 2. Add Config struct, people use the set the configuration of building process. ```rust pub struct Config { out_dir: Option<PathBuf>, edition: RustEdition, header_file_name: Option<String>, ta_config: TAConfig, } ``` 3. Add RustEdition enum, just like [`RustEdition` in `bindgen`](https://docs.rs/bindgen/latest/bindgen/enum.RustEdition.html), we need this for code generation. ### 2. use optee-utee-crate to build the hello world example 1. remove ta_static.rs 2. add optee-utee-build as build-dependencies and removed uuid from build-dependencies 3. in build.rs, use optee-utee-build instead of custom scripts. 4. in Makefile, use gcc as linker to fix the problem when building on ARM host (just like [this issue](https://github.com/apache/incubator-teaclave-trustzone-sdk/issues/135), I didn't realize in the examples we use ld.bfd as linkeršIn my team we always use gcc as default linker). ### 3. fix pipeline change pipeline of `OPTEE-repo-build-and-run-examples-32bit-TAs` and `OPTEE-repo-build-and-run-examples-32bit-TAs`, set the version of manifest to 4.4.0, as they update the [qemu_v8.yml](https://github.com/OP-TEE/manifest/blob/master/qemu_v8.xml) 3 days ago, makes the pipeline failed. I have tried to fix the pipeline when use latest qemu_v8.yml, but seems it need to: 1. add tomli dependency for python3: this can be done by `python3 -m pip install tomli` 2. upgrade libc from 2.64.6 to >=2.66.0: I think we need to upgrade the docker image, this cannot be done by myself, so I downgrade the version of qemu_v8.yml instead.  -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@teaclave.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@teaclave.apache.org For additional commands, e-mail: dev-h...@teaclave.apache.org
