Releases: apache/incubator-teaclave-trustzone-sdk
Apache Teaclave TrustZone SDK (incubating) v0.4.0
This release introduces a new unified build environment that supports both the original std and the newly added no-std, along with a new crate to simplify the process of building trusted applications. It also includes real-world examples and updates to support the latest OP-TEE release (4.5.0).
The following are the key updates:
Breaking Changes in the Build Environment
In this release candidate, we have reorganized the code structure and build environment to support both no-std and std build options, simplifying the overall build process.
Additionally, the TA build scripts have been streamlined by introducing the new optee-utee-build crate.
Since the process is quite complex, the following breakdown provides more details:
Starting with an intermediate branch no-std, which simplifies the build environment from scratch:
- On
no-stdbranch: Cleaned up the build environment forno-stdand simplified the build process. The works processed on PR114-PR122, e.g.: PR #115 - Based on
no-std, addedstdsupport: PR #141 - Renamed
no-stdtomainand set it as the default branch: Issue #143 - Further improvements on
mainafter setting it as default:
Introducedoptee-utee-buildcrate for simplified TA builds. PR #156
Integration with OP-TEE
- Updated CI Docker image for the new OP-TEE build environment: PR #157
- Pinned the setup to OP-TEE 4.5.0: Commit 3aa0c94
New Features
- Made
panic_handleroptional inoptee-utee: PR #147 - Added support for configuring the capacity of shared buffers in
LoadablePlugin: PR #154 - Added
no-stdnetworking support inoptee-utee: PR #164
New Examples
- Added
error-handlingexample: PR #127 - Introduced
project/directory for real-world examples, including a Web3 ETH wallet example: PR #150 - Added
no-stdsupport fortcp_client-rsandudp_socket-rs. PR #164
Bug Fixes
Documentation Updates
- README updates:
- New migration guide:
- Guide for writing Rust TAs using
optee-utee-build:
Apache Teaclave TrustZone SDK (incubating) v0.3.0
This is the third Apache Incubator release of Teaclave TrustZone SDK. Teaclave TrustZone SDK provides abilities to build safe TrustZone applications in Rust. The SDK is based on the OP-TEE project which follows GlobalPlatform TEE specifications and provides ergonomic APIs. In addition, it enables the capability to write TrustZone applications with Rust's standard library and many third-party libraries (i.e., crates). Teaclave TrustZone SDK is a sub-project of Apache Teaclave (incubating).
In this release we have the following fundamental updates:
Features
- Add tls_client and tls_server examples
- Add signature verification example
Enhancements
Integration into OP-TEE
Building
Bug fixes
Documentation
Apache Teaclave TrustZone SDK (incubating) v0.2.0
This is the second Apache Incubator release of Teaclave TrustZone SDK. Teaclave TrustZone SDK provides abilities to build safe TrustZone applications in Rust. The SDK is based on the OP-TEE project which follows GlobalPlatform TEE specifications and provides ergonomic APIs. In addition, it enables the capability to write TrustZone applications with Rust's standard library and many third-party libraries (i.e., crates). Teaclave TrustZone SDK is a sub-project of Apache Teaclave (incubating).
During this period, we are working closely with the OP-TEE community to integrate TA examples written in Rust into the upstream repository. You can try and play with the examples written in Rust with Teaclave TrustZone SDK since the OP-TEE 3.15.0 release.
More specifically, in this release we have the following updates:
Features
- Add support for tee-supplicant loadable plugins and examples
- Add TEE Socket APIs and examples
Enhancements
Integration into OP-TEE
- Add the
-rssuffix to examples and update test scripts (#34) - Update to OP-TEE 3.14.0 (#35)
- Update to OP-TEE 3.16.0 (#59)
Building
- Upgrade building docker to Ubuntu 20.04 (#33)
- Update Rust toolchain to nightly-2021-09-20 and std to 1.56.1 (#53)
- Add setup.sh to setup rust environment and initialize submodules (#40, #63)
CI
Bug fixes
- Fix ldelf error of arm32 ta (#38)
- fix error when making the plugin example second time (#42)
- Correct toolchain PATH env (#44)
Docs
- Add debugging OP-TEE TA doc: Debugging OP-TEE TA
- Add documentation of Rust examples: Overview of OP-TEE Rust Examples
- Polish the getting started documentation
Apache Teaclave TrustZone SDK (incubating) v0.1.0
This is the first Apache Incubator release of Teaclave TrustZone SDK. Teaclave TrustZone SDK provides abilities to build safe TrustZone applications in Rust. The SDK is based on the OP-TEE project which follows GlobalPlatform TEE specifications and provides ergonomic APIs. In addition, it enables capability to write TrustZone applications with Rust's standard library and many third-party libraries (i.e., crates). Teaclave TrustZone SDK is a sub-project of Apache Teaclave (incubating).
This version implements the following Rust APIs in GlobalPlatform TEE specifications:
TEE Client API (optee-teec)
- Context
- Error
- Operation
- Parameter
- Session
- UUID
TEE Internal Core API (optee-utee)
- Arithmetical
- Crypto Operation
- Error
- Object
- Parameter
- Time
- Trace
We also provides procedure macros to automatically generate bindings interfaces of TA:
#[ta_create],#[ta_destroy],#[ta_open_session],#[ta_close_session],#[ta_invoke_command]
This version includes rewrites of all examples from OP-TEE repository. In addition, we include more examples using serde for serialization and deserialization.
This version is compatible with OP-TEE 3.13.0.