Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Installing and Uninstalling the iTrustee SDK

The TEE is based on the TrustZone technology, which allows a CPU to work in either normal or secure mode. The REE runs in normal mode, and the TEE runs in secure mode. In secure mode, peripheral hardware resources, such as memory and peripherals, are protected and isolated to isolate the TEE from the REE and protect the TEE.

The iTrustee SDK contains kunpeng-sc and kunpeng-sc-devel. kunpeng-sc is used to run Kunpeng secure computing applications, and kunpeng-sc-devel used to develop Kunpeng secure applications. Therefore, to run a Kunpeng secure application, you only need to install kunpeng-sc. To develop a Kunpeng security application, you need to install kunpeng-sc and kunpeng-sc-devel.

Prerequisites

  1. The TEE feature has been enabled on the server. To enable it, access the BIOS and choose Advanced > TEE Config > Support TEE > Enable.
  2. The OS is CentOS 7.6 Arm, openEuler 20.03 LTS SP1 Arm, UOS 20 SP1 Server Arm64, or Kylin V10 Arm running on physical machines.

Installation Directory Structure

Table 1 Structure of the kunpeng-sc installation directory

File Type

Installation Path

Description

SO file

/usr/lib64/libboundscheck.so

/usr/lib64/libteec.so

/usr/lib64/libteec_adaptor.so

Installation paths of SO files.

Binary file

/usr/bin/teecd

/usr/bin/tlogcat

Installation paths of binary files.

Software package

/usr/local/kunpeng-sc

Installation path of the software package (including the driver).
Table 2 Structure of the kunpeng-sc-devel installation directory

File Type

Installation Path

Description

Header file

/usr/include/itrustee_sdk

Installation path of the header file.

Software package

/usr/local/kunpeng-sc-devel

Installation path of the software package (including the demo, packaging tool, and SDK source code).

Installing and Uninstalling the iTrustee SDK

  • SDK installation and uninstallation (CentOS 7.6)
    1. Obtain the iTrustee SDK installation package from the Kunpeng mirror site.
    2. Decompress the installation packages.
      1
2
      tar -zxvf kunpeng-sc-xxx.aarch64.tar.gz
tar -zxvf kunpeng-sc-devel-xxx.aarch64.tar.gz
    3. Install the RPM packages.

      kunpeng-sc:

      1
      rpm -ivh kunpeng-sc-xxx.aarch64.rpm

      kunpeng-sc-devel:

      1
      rpm -ivh kunpeng-sc-devel-xxx.aarch64.rpm
    4. Uninstall the RPM packages.

      kunpeng-sc-devel:

      1
      rpm -e kunpeng-sc-devel

      kunpeng-sc:

      1
      rpm -e kunpeng-sc
  • SDK installation and uninstallation (openEuler 20.03 LTS SP1)
    1. Obtain the iTrustee SDK installation package from the Kunpeng mirror site.
    2. Decompress the installation packages.
      1
2
      tar -zxvf kunpeng-sc-xxx.aarch64.tar.gz
tar -zxvf kunpeng-sc-devel-xxx.aarch64.tar.gz
    3. Install the RPM packages.

      kunpeng-sc:

      1
      rpm -ivh kunpeng-sc-xxx.aarch64.rpm
      kunpeng-sc-devel:
      1
      rpm -ivh kunpeng-sc-devel-xxx.aarch64.rpm
    4. Uninstall the RPM packages.
      kunpeng-sc-devel:
      1
      rpm -e kunpeng-sc-devel

      kunpeng-sc:

      1
      rpm -e kunpeng-sc
  • SDK installation and uninstallation (Kylin V10)
    1. Obtain the iTrustee SDK installation package from the Kunpeng mirror site.
    2. Decompress the installation packages.
      1
2
      tar -zxvf kunpeng-sc-xxx.ky10.aarch64.tar.gz
tar -zxvf kunpeng-sc-devel-xxx.ky10.aarch64.tar.gz
    3. Install the RPM packages.

      kunpeng-sc:

      1
      rpm -ivh kunpeng-sc-xxx.ky10.aarch64.rpm
      kunpeng-sc-devel:
      1
      rpm -ivh kunpeng-sc-devel-xxx.ky10.aarch64.rpm
    4. Uninstall the RPM packages.
      kunpeng-sc-devel:
      1
      rpm -e kunpeng-sc-devel

      kunpeng-sc:

      1
      rpm -e kunpeng-sc
  • SDK installation and uninstallation (UOS 20 SP1 Server)
    1. Obtain the iTrustee SDK installation package from the Kunpeng mirror site.
    2. Decompress the installation packages.
      1
2
      tar -zxvf kunpeng-sc_xxx_arm64.tar.gz
tar -zxvf kunpeng-sc-devel_xxx_arm64.tar.gz
    3. Install the DEB packages.

      kunpeng-sc:

      1
      dpkg -i kunpeng-sc_xxx_arm64.deb
      kunpeng-sc-devel:
      1
      dpkg -i kunpeng-sc-devel_xxx_arm64.deb
    4. Uninstall the DEB packages.
      kunpeng-sc-devel:
      1
      dpkg --purge kunpeng-sc-devel

      kunpeng-sc:

      1
      dpkg --purge kunpeng-sc
  • Obtain the latest TAR.GZ installation packages from the URLs given above, decompress the packages, and install the software.
  • The kunpeng-sc-devel and kunpeng-sc software packages are dependent on each other. You must install the kunpeng-sc software package before installing the kunpeng-sc-devel software package. Before uninstalling the kunpeng-sc software package, ensure that the kunpeng-sc-devel software package has been uninstalled.
  • Ensure that kunpeng-sc and kunpeng-sc-devel software packages are of the same version.
  • xxx indicates the version number. The iTrustee SDK has been updated to version 2.0.1.

Demo Usage

After the installation is successful, refer to the README file of the corresponding demo in the /usr/local/{TEE_DIR}/example directory for details.