Importing my TA Application



I am developing a TA application about signing with RSA. How can I load my app to REE side and TEE side in QEMU or Hikey board? What do I need to do?


You can manually copy the relevant files to the proper location in the filesystem.

hello_world (or your app) goes to /bin (/system/bin for android).
The *.ta file goes to /lib/optee_armtz (/system/lib/optee_armtz for android).


I think, QEMU is same as your reply?
How can I share my app with QEMU? ()
And, tee-supplicant is necessary for sharing? I dont understand what tee-supplicant does?

Edit : It is OK and I solved for first and second questions


Yea, file/dir sharing is not available in the current QEMU setup. In this case, you have to add the files in to the list of files to be included before building the rootfs. See You need to do the change in now instead of, but as far as the change itself, it should be the same or similar.

tee-supplicant is not necessary for sharing. It’s a daemon running in normal world to serve the secure side with various services like file system access, etc.


I understood, thanks @vchong


@vchong some things are mixed. I need to update rootfs. So, I have to build and flash OPTEE again for importing apps?


For qemu there’s no flashing. For hikey yes. Especially if there are many things that have changed it’s probably better to just rebuild and flash again rather than trying to copy newly built files from your PC and replace them on your board.


flashing boot.img is enough?


It depends on several things. If Android, then you’ll have to do flash system.img too. Yes, build and flashing system.img take a longer time than other images. If you just want to add TAs, then as suggested earlier, you can just adb push the new files. Another way to tell is to check your build and see which images have been updated, i.e those updated have to be re-flashed. If many things have changed and you’re not sure, then safer to flash everything again.