Add "Loading and preparing TA for execution" section
Adds an overview of how TAs are initialized by ldelf. At the end of the
section there's also an overview of the steps involved when a client opens
a session to a new TA.
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
diff --git a/architecture/trusted_applications.rst b/architecture/trusted_applications.rst
index 44be1d2..e77c924 100644
--- a/architecture/trusted_applications.rst
+++ b/architecture/trusted_applications.rst
@@ -132,9 +132,14 @@
#define SHDR_GET_SIG(x) (SHDR_GET_HASH(x) + (x)->hash_size)
-The field ``image_type`` tells the type of TA, if it's ``SHDR_TA`` (0),
+The field ``img_type`` tells the type of TA, if it's ``SHDR_TA`` (0),
it's a legacy TA. If it's ``SHDR_BOOTSTRAP_TA`` (1) it's a bootstrap TA.
+The field ``algo`` tells the algorithm used. The script used to sign TAs
+currently uses ``TEE_ALG_RSASSA_PKCS1_V1_5_SHA256`` (0x70004830). This
+means RSA with PKCS#1v1.5 padding and SHA-256 hash function. OP-TEE accepts
+any of the ``TEE_ALG_RSASSA_PKCS1_*`` algorithms.
+
For bootstrap TAs ``struct shdr`` is followed by a subheader, ``struct
shdr_bootstrap_ta`` which is defined as:
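Review bot: In the added ``algo`` paragraph, "OP-TEE accepts any of the ``TEE_ALG_RSASSA_PKCS1_*`` algorithms" does not tell the reader whether the wildcard covers only the PKCS#1 v1.5 variants or the PSS ones as well, nor which hash sizes. Since this field selects the algorithm used for the signature that ``SHDR_GET_SIG`` points at, please list the accepted algorithms explicitly or reference the code that checks them. Minor: "tells the algorithm used" could say "signature algorithm", and "PKCS#1v1.5" reads better as "PKCS#1 v1.5".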
@@ -211,6 +216,40 @@
$ xtest --install-ta
+Loading and preparing TA for execution
+**************************************
+
+User mode TAs are loaded into final memory in the same way using the user
+mode ELF loader ``ldelf``. The different TA locations has a common
+interface towards ``ldelf`` which makes the user mode operations identical
+regarless of how the TA is stored.
+
+The TA is loaded into secure memory in :ref:`prepare_ta`.
+
+.. _prepare_ta:
+
+.. figure:: ../images/trusted_applications/prepare_ta.png
+ :figclass: align-center
+
+ Preparing TA for execution
+
+After ``ldelf`` has returned with a TA prepared for execution it still
+remains in memory to serve the TA if dlopen() and friends are used.
+``ldelf`` is also used to dump stack trace and detailed memory mappings if
+a TA is terminated via an abort.
+
+A high level view of the entire flow from the client application in Linux
+user space where a session is opened to a TA is given in
+:ref:`open_session`.
+
+.. _open_session:
+
+.. figure:: ../images/trusted_applications/open_session.png
+ :figclass: align-center
+
+ Open session to a TA
+
+
.. _ta_properties:
TA Properties
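Review bot: The first paragraph of the new section has two typos: "The different TA locations has" should be "have", and "regarless" should be "regardless". "The TA is loaded into secure memory in :ref:`prepare_ta`" reads as if the figure is where the loading happens; suggest "The steps for loading the TA into secure memory are shown in :ref:`prepare_ta`". In "it still remains in memory to serve the TA", "it" could refer to either ``ldelf`` or the TA, so name ``ldelf`` explicitly. It would also help to format ``dlopen()`` as a literal like the other identifiers.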