TheButlah opened a new issue, #259: URL: https://github.com/apache/teaclave-trustzone-sdk/issues/259
# Proposed Change: Introduce target-specific variants `OPTEE_CLIENT_EXPORT` for x86 and aarch64, using same style as [pkg-config](https://docs.rs/pkg-config/0.3.32/pkg_config/#cross-compilation). # Details Each of these variables can also be supplied with certain prefixes and suffixes, in the following prioritized order: 1. OPTEE_CLIENT_EXPORT_<target> - for example, OPTEE_CLIENT_EXPORT_x86_64-unknown-linux-gnu 2. OPTEE_CLIENT_EXPORT_<target_with_underscores> - for example, OPTEE_CLIENT_EXPORT_x86_64_unknown_linux_gnu 3. OPTEE_CLIENT_EXPORT - same as it is today # How is it different from what we have today? Today, teaclave CAs can already be compiled for x86 - simply build optee_client for x86, and provide that as your `OPTEE_CLIENT_EXPORT` variable. However, if you want to be able to target *both* x86 or aarch64, it implies that you have to switch this environment variable every time before you build. This becomes especially complicated in some develoment environments - for example, when using the [optee-client packaged by nix](https://search.nixos.org/packages?channel=25.11&show=optee-client), the conventional way would be to create an nix dev shell that sets an environment variable to the evaluated package, and it would be quite annoying to have to switch between an x86 and an aarch64 dev shell every time I want to change the target architecture. Instead, this proposal allows *both* environment variables to be provided simultaneously, and allows the build script to choose which one to use based on the `--target` passed to cargo. # Why even care about CAs targetting x86 in the first place? I ackowledge that CAs that target x86 don't intrinsically make much sense (because TAs inherently must be aarch64, and CAs are only useful with corresponding TAs), but the optee_client C code *does* compile for x86 and it would add fewer caveats around the build system if it can target either x86 or aarch64. Reducing friction for integrating teaclave into existing coebases is important for adoption. A concrete example of why this feature would reduce tooling pain is that at work, the monorepo we use assumes that *all* crates in the cargo workspace can target *both* aarch64 and x86 linux. TAs intrinsically cannot, so that implies there is at least two cargo workspaces (one for non-TA code and one for TAs). If CAs cannot target x86, then the number of workspaces increases to 3 (non-optee, CAs, and TAs). This could be simplified by enabling CAs to target x86. Furthermore, LSPs typically assume that they are targetting the host architecture, and for most devices thats x86. While its possible to configure this, many devs don't even know how, so they would just have a degraded development experience. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
