Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

query: how to configure the compilation of the .ta file in op-tee #1708

Open
Tigerly opened this issue Jul 20, 2017 · 17 comments

Comments

Projects
None yet
10 participants
@Tigerly
Copy link

commented Jul 20, 2017

I'm trying to use docker to run the op-tee environment, and put my own code into secure world and compile them.
the compile commands are:

sudo docker start op-tee-test

docker exec -it op-tee-test /bin/bash -c 'cd /home/optee/test-optee-patch; ./build.sh'

I found there are several errors, e.g., if I declare a function like: int myprint(); the compiler will compliant that error: old-style function definition [-Werror=old-style-definition] int myprint().
To solve it, I have to change the declaration to int myprint(void);.
also, the cc1 tells me "cc1: all warnings being treated as errors".

I was wondering that:
1, how can I configure the compilation and make the warning just a warning.
2, how can I compile the .cpp file to .ta in the secure world? is it possible? because It seems like the op-tee only support .c file.

Thanks in advance!

@jforissier

This comment has been minimized.

Copy link
Contributor

commented Jul 20, 2017

Hi @Tigerly,

  1. Try make NOWERROR=1 or make CFLAGS_ta_arm32=-Wno-error (or make CFLAGS_ta_arm64=-Wno-error if your TA is 64-bits)
  2. C++ is not supported, it is not only a matter of build rules but runtime support, too.
@Tigerly

This comment has been minimized.

Copy link
Author

commented Jul 20, 2017

@jforissier Thanks so much!!! It works!
For C++, so, you mean we cannot compile the c++ source code and run the executable made by C++ in the op-tee secure world, right?
I'm curious that are there some workaround ways? for example, can I pack the .cpp files to a shared library (.so) which allows a executable (made by C language) to invoke?

@jforissier

This comment has been minimized.

Copy link
Contributor

commented Jul 20, 2017

Right. To execute C++ code in a TA (or in the TEE core), you need some runtime support. I'm not a compiler specialist, but what this means is: the compiler will generate calls to special functions in order to accomplish some tasks such a exception handling for instance. Those functions have to be implemented in a library or in some object files, specific to the runtime environnent (OP-TEE OS). This part does not exist currently.

@igoropaniuk

This comment has been minimized.

Copy link
Contributor

commented Jul 20, 2017

Hi @Tigerly,

Theoretically it's possible to use C++ code, but probably you will go through "hell and high water" and you should be definitely sure that it is worthy :)

As Jerome said that it's not possible to use C++ runtime, so you have start with overloading new/delete operators (some basic implementation based on wrapping memory allocation functions from libutee), avoid using any C++ exception handling, you probably will have issues with vtable support etc.

Once I had a bit of experience in using C++ in windows kernel development (actually, it was development of WDDM display drivers), and, frankly, I can't say that it was something I dreamed about :)

BR,
Igor

@larschristensen

This comment has been minimized.

Copy link

commented Jul 21, 2017

@jforissier
My understanding is that TEEs (incl. OPTEE) has historically not supported C++ due to additional work required to support e.g. the C++ standard library. However, it seems that C++ support would really make porting of many applications, which these days are typically by default written in C++ and not C, a lot easier and hence make the use of a TEE much easier and more widespread.
Do you think that C++ support in OPTEE should be reconsidered at some point?

@Tigerly

This comment has been minimized.

Copy link
Author

commented Jul 21, 2017

@ALL Thanks for the replying!
Actually, I have another question:
Does op-tee completely support the C now?
I mean, for an existing program made by pure C, could it work well in the secure world just like in the normal world?

@jforissier

This comment has been minimized.

Copy link
Contributor

commented Jul 22, 2017

@larschristensen I don't remember seeing requests for C++ support for TAs. It does not mean it does not make sense, of course, but at least we haven't come across a use case requiring it yet. What you are saying about porting applications does not sound very convincing to me. Would you really port a whole application from normal world to secure world? TAs are more like libraries, invoked by non-secure applications to perform a limited set of secure operations.
That being said, we will certainly accept to review patches adding C++ support.

@Tigerly it depends on what you mean by "pure C". If that is the C99 standard less section 7 "Library", then yes, I believe we support it. More exactly: we support running applications compiled with a recent enough GCC compiler in C99 mode. Regarding the library (i.e., libc), we do have some functions in libutils.a, but it is by no means complete wrt. the standard. See the header files here: https://github.com/OP-TEE/optee_os/tree/master/lib/libutils/isoc/include. In fact TAs should preferably use the GlobalPlatform Internal Core API.

@larschristensen

This comment has been minimized.

Copy link

commented Jul 22, 2017

@jforissier
My point is simply that porting such C++ applications/libraries to C just for the sake of running in a TEE is a large and effectively wasted effort, and it therefore seems more logical that at some point TEEs would start supporting C++ to make it easier to develop for TEEs. For example, it appears Google's Trusty TEE has some (limited) C++ support, see https://source.android.com/security/trusty/.

@godmar

This comment has been minimized.

Copy link

commented Aug 3, 2017

I too am interesting in seeing C++ support.

Could someone briefly sketch what is preventing the existing C++ runtime library (libstdc++, libgcc, libgcc_eh) from working under OP-TEE? Which assumptions, specifically, does it make that OP-TEE violates? Is it related to reading/writing from the stack during exception unwinding? Related question: is it impossible to configure the C++ runtime library at build time to accept the constraints OP-TEE poses?

It would be nice if those with deeper knowledge could share some of the stumbling blocks they know about in order to allow the community to gauge the amount of required effort. Lastly, a partial implementation might cover many use cases as well. Thank you.

@jforissier

This comment has been minimized.

Copy link
Contributor

commented Aug 4, 2017

@godmar good questions indeed, unfortunately I don't know enough to answer them because I don't know much about the ARM C++ ABI and neither do I know about the requirements that GCC's C++ runtime libraries put on the underlying OS.... :(

@jenswi-linaro do you have an idea?

Maybe you could ask on the linaro-toolchain mailing list.

@jenswi-linaro

This comment has been minimized.

Copy link
Contributor

commented Aug 16, 2017

I don't know much about the ARM C++ ABI either. The problem needed to be solved is the same as for bare metal programming, except that fatal errors in the TA should reported back to OP-TEE OS instead of just hanging or whatever.

Many of the arguments why C++ isn't supported in the Linux kernel are probably applicable to OP-TEE also so it may be worth googling that a bit before spending too much time on it.

@jeevan1995

This comment has been minimized.

Copy link

commented May 7, 2018

Hello,
I am trying to compile a simple C++ program printing a small output in the normal world
Is C++ program is supported in the current build toolchain?
what should be added in the build chain in order to enable for C++ compilation?

@jenswi-linaro

This comment has been minimized.

Copy link
Contributor

commented May 7, 2018

I'm afraid that nothing has happened in this area since the last answer.

@ryankumar

This comment has been minimized.

Copy link

commented Aug 2, 2018

how can i compile TA in c++ compiler ? what are the libraries or makefiles need to change ?

@jforissier

This comment has been minimized.

Copy link
Contributor

commented Aug 2, 2018

@ryankumar nothing has changed since the last answer. C++ is still not supported.

@hisy2013

This comment has been minimized.

Copy link

commented Jan 2, 2019

Hi @jforissier Do you have patches or plan for C++ support now?

@jbech-linaro

This comment has been minimized.

Copy link
Contributor

commented Jan 2, 2019

@hisy2013 , unfortunately the situation is still the same, we haven't planned for adding any C++ support as of now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.