Revise OP-TEE Shim with Task and new ELF loader by sangho2 · Pull Request #572 · microsoft/litebox

sangho2 · 2026-01-02T21:39:36Z

This PR revises the OP-TEE shim to make it work with Task and the new ELF loader.
Most of its line changes is to move syscall handlers to Task.

Notable changes this PR has made include load_ta_trampoline and load_ta_context to
run a TA loaded by an external ldelf binary, run_thread_with_shim_ref to repeatedly
execute run_thread with a shim reference (single-threaded process only), and few other
safety/security improvements.

Note: This PR includes some placeholders which are implemented in a different PR.

github-actions · 2026-01-15T19:59:40Z

🤖 SemverChecks 🤖 ⚠️ Potential breaking API changes detected ⚠️

Click for details

--- failure method_parameter_count_changed: pub method parameter count changed ---

Description:
A publicly-visible method now takes a different number of parameters.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#fn-change-arity
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.45.0/src/lints/method_parameter_count_changed.ron

Failed in:
  litebox_common_optee::LdelfArg::new now takes 1 parameters instead of 0, in /home/runner/work/litebox/litebox/litebox_common_optee/src/lib.rs:1087

--- failure inherent_method_missing: pub method removed or renamed ---

Description:
A publicly-visible method or associated fn is no longer available under its prior name. It may have been renamed or removed entirely.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#item-remove
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.45.0/src/lints/inherent_method_missing.ron

Failed in:
  LinuxKernel::register_shim, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_platform_lvbs/src/lib.rs:386

--- failure auto_trait_impl_removed: auto trait no longer implemented ---

Description:
A public type has stopped implementing one or more auto traits. This can break downstream code that depends on the traits being implemented.
        ref: https://doc.rust-lang.org/reference/special-types-and-traits.html#auto-traits
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.45.0/src/lints/auto_trait_impl_removed.ron

Failed in:
  type OpteeShim is no longer UnwindSafe, in /home/runner/work/litebox/litebox/litebox_shim_optee/src/lib.rs:182
  type OpteeShim is no longer RefUnwindSafe, in /home/runner/work/litebox/litebox/litebox_shim_optee/src/lib.rs:182

--- failure function_missing: pub fn removed or renamed ---

Description:
A publicly-visible function cannot be imported by its prior path. A `pub use` may have been removed, or the function itself may have been renamed or removed entirely.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#item-remove
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.45.0/src/lints/function_missing.ron

Failed in:
  function litebox_shim_optee::deinit_session, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/lib.rs:64
  function litebox_shim_optee::loader::prepare_registers, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/loader/mod.rs:58
  function litebox_shim_optee::loader::allocate_guest_tls, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/loader/mod.rs:14
  function litebox_shim_optee::loader::init_stack, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/loader/mod.rs:37
  function litebox_shim_optee::get_session_id, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/lib.rs:73
  function litebox_shim_optee::set_ta_base_addr, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/lib.rs:91
  function litebox_shim_optee::session_id_pool, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/lib.rs:843
  function litebox_shim_optee::init_session, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/lib.rs:43
  function litebox_shim_optee::litebox, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/lib.rs:125
  function litebox_shim_optee::loader::load_ta_trampoline, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/loader/mod.rs:23
  function litebox_shim_optee::loader::init_ldelf_stack, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/loader/mod.rs:47
  function litebox_shim_optee::set_ta_loaded, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/lib.rs:80
  function litebox_shim_optee::loader::prepare_ldelf_registers, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/loader/mod.rs:92
  function litebox_shim_optee::get_ta_base_addr, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/lib.rs:97
  function litebox_shim_optee::loader::load_elf_buffer, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/loader/mod.rs:9

--- failure struct_missing: pub struct removed or renamed ---

Description:
A publicly-visible struct cannot be imported by its prior path. A `pub use` may have been removed, or the struct itself may have been renamed or removed entirely.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#item-remove
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.45.0/src/lints/struct_missing.ron

Failed in:
  struct litebox_shim_optee::loader::ElfLoadInfo, previously in file /home/runner/work/litebox/litebox/target/semver-checks/git-main/4b5a6bfa0a5b913b5433532efb29f4ec8452207e/litebox_shim_optee/src/loader/mod.rs:29

sangho2 force-pushed the sanghle/optee/task branch 6 times, most recently from 584039a to d0655aa Compare January 6, 2026 06:42

sangho2 changed the title ~~DRAFT: Revise OP-TEE Shim with Task and new ELF loader~~ Revise OP-TEE Shim with Task and new ELF loader Jan 6, 2026

sangho2 mentioned this pull request Jan 7, 2026

Add handlers for OP-TEE message protocol and SMC #555

Merged

sangho2 force-pushed the sanghle/optee/task branch from da1f851 to ea4541a Compare January 7, 2026 00:22

sangho2 marked this pull request as ready for review January 7, 2026 00:26

jstarks approved these changes Jan 14, 2026

View reviewed changes

Sangho Lee added 12 commits January 15, 2026 17:42

move OP-TEE syscall handlers to Task

1896760

revising ldelf/TA loading. checkpoint

ed67668

ldelf/TA loading with TA stack layout (wip)

4ef2a33

ldelf works

cb7ce32

load 2nd trampoline for TA

6c60288

drop elf_loader

6b94817

op-tee tests work

835ed4e

lvbs platform placeholders

c70aa95

run_thread_with_shm_ref

8c442c4

refactoring

f2538af

explicitly compute TA base address

420f039

remove outdated comments

ef42d21

sangho2 force-pushed the sanghle/optee/task branch 2 times, most recently from bad8ced to e287193 Compare January 15, 2026 19:17

fix GDT layout

3aa6f9a

sangho2 force-pushed the sanghle/optee/task branch from e287193 to 3aa6f9a Compare January 15, 2026 19:49

sangho2 added this pull request to the merge queue Jan 15, 2026

Merged via the queue into main with commit a5e429a Jan 15, 2026
12 checks passed

sangho2 deleted the sanghle/optee/task branch January 15, 2026 20:22

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Revise OP-TEE Shim with Task and new ELF loader#572

Revise OP-TEE Shim with Task and new ELF loader#572
sangho2 merged 13 commits intomainfrom
sanghle/optee/task

sangho2 commented Jan 2, 2026 •

edited

Loading

Uh oh!

github-actions bot commented Jan 15, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

sangho2 commented Jan 2, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

github-actions bot commented Jan 15, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

sangho2 commented Jan 2, 2026 •

edited

Loading