0

I currently working with OPTEE on QEMU to create a trusted application in ARM trustzone. I wonder can OPTEE work without a normal world OS (like linux).

I have tried to modify ARM trusted firmware to skip the boot process which loading normal world component. Am I doing it correctly?

artless noise
  • 21,212
  • 6
  • 68
  • 105
lastages
  • 1
  • 1
    You may be more likely to get an answer if you ask this question somewhere where OPTEE users and developers hang out, like their mailing list. – Peter Maydell Jul 05 '23 at 11:27
  • 1
    op-tee is a 'library' which is called from normal world to perform tasks. For example it may encrypt/decrypt a binary blob with a key. Trust Zone supports more and can host an OS in the secure world. The issue is that OP-TEE will want to call things through an SMC interface, which needs a monitor mode setup. You would need to change this interface to SWI/SVC or something. I think you need to state what exactly your goals are. Ie, you made a ['trusted application'](https://optee.readthedocs.io/en/latest/building/trusted_applications.html); that is normal world? Not clear what you want. – artless noise Jul 05 '23 at 15:04
  • See [this question](https://stackoverflow.com/questions/38481671/how-does-linaro-schedule-optee) and I update [op-tee wiki](https://stackoverflow.com/tags/op-tee/info) with some info. – artless noise Jul 05 '23 at 16:47
  • @artlessnoise I'm sorry for my unclear statement. My goal is to create a secure application without to startup a rich normal world OS, since I want to keep my application to be as light as possible. Did you mean I need to create another interface to substitute normal world OS to let my application call secure world service? Many thanks for your response. – lastages Jul 06 '23 at 03:49

0 Answers0