m4sterchain commented on code in PR #245: URL: https://github.com/apache/teaclave-trustzone-sdk/pull/245#discussion_r2462214183
########## cargo-optee/src/main.rs: ########## @@ -0,0 +1,158 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +use clap::{Parser, Subcommand}; +use std::env; +use std::path::PathBuf; +use std::process::abort; + +mod ca_builder; +mod common; +mod ta_builder; + +use common::Arch; + +#[derive(Debug, Parser)] +#[clap(version = env!("CARGO_PKG_VERSION"))] +#[clap(about = "Build tool for OP-TEE Rust projects")] +pub(crate) struct Cli { + #[clap(subcommand)] + cmd: Command, +} + +#[derive(Debug, Parser)] +struct BuildTypeCommonOptions { + /// Path to the app directory (default: current directory) + #[arg(long = "path", default_value = ".")] + path: PathBuf, + + /// Target architecture: aarch64 or arm (default: aarch64) + #[arg(long = "arch", default_value = "aarch64")] + arch: Arch, + + /// Path to the UUID file (default: ../uuid.txt) + #[arg(long = "uuid_path", default_value = "../uuid.txt")] + uuid_path: PathBuf, + + /// Build in debug mode (default is release) + #[arg(long = "debug")] + debug: bool, +} + +#[derive(Debug, Subcommand)] +enum BuildCommand { + /// Build a Trusted Application + TA { + /// Enable std feature for the TA + #[arg(long = "std")] + std: bool, + + /// Path to the TA dev kit directory (mandatory) + #[arg(long = "ta_dev_kit_dir", required = true)] + ta_dev_kit_dir: PathBuf, + + /// Path to the TA signing key (default: $(TA_DEV_KIT_DIR)/keys/default_ta.pem) + #[arg(long = "signing_key")] + signing_key: Option<PathBuf>, + + #[command(flatten)] + common: BuildTypeCommonOptions, + }, + /// Build a Client Application (Host) + CA { + /// Path to the OP-TEE client export directory (mandatory) + #[arg(long = "optee_client_export", required = true)] + optee_client_export: PathBuf, + + #[command(flatten)] + common: BuildTypeCommonOptions, + }, +} + +#[derive(Debug, Subcommand)] +enum Command { Review Comment: Do we have a high level design about the cargo-optee? What is the convention | requirement between different roles? - cargo-optee and underlining build system - cargo-optee and TA developer Please refer to the following link as a reference. `https://github.com/automata-network/automata-sgx-sdk?tab=readme-ov-file#getting-started` ########## optee-utee-build/src/linker.rs: ########## @@ -126,10 +126,11 @@ impl Linker { out_dir: PathBuf, ta_dev_kit_dir: PathBuf, ) -> Result<(), Error> { - const ENV_TARGET_TA: &str = "TARGET_TA"; - println!("cargo:rerun-if-env-changed={}", ENV_TARGET_TA); + // cargo passes TARGET as env to the build scripts + const ENV_TARGET: &str = "TARGET"; + println!("cargo:rerun-if-env-changed={}", ENV_TARGET); let mut aarch64_flag = true; - match env::var(ENV_TARGET_TA) { + match env::var(ENV_TARGET) { Ok(ref v) if v == "arm-unknown-linux-gnueabihf" || v == "arm-unknown-optee" => { Review Comment: This function & inner logic is not straight forward and difficult to maintain. Please leverage the Rust type system an use linear logic, instead of the boolean flag and nested if/else. The convention here between src/ta.ld.S and created ta.lds is not straight forward. It seems we can make it better by clearly handling Aarch64 and Arm32 separately and better leveraging the Type system to check the supported configurations. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
