Questions tagged [op-tee]

An open source trusted execution environment. For programming questions related to OP-TEE packages or services.

Related tag is .

TrustZone is the technology that OP-TEE is built on. In addition, trusted-firmware provides secure boot. The OP-TEE model is a library of calls made through the SMC interface. Monitor mode handles these calls and dispatches them to code in the secure world, which has extended access rights to memory. Attacks often target errors in the API rather than the TrustZone infrastructure directly.

It is possible to host an OS in both the secure and normal worlds with TrustZone. However, this is not a model supported by OP-TEE, which uses a subset of the capabilities of TrustZone (and is hence likely more secure).

18 questions
5
votes
1 answer

How does Linux scheduler of OP-TEE work after switching to Secure world

I successfully run OP-TEE on QEMU and want to figure out how scheduler works. I modified the source code to get the variable jiffies right before entering Secure World and after returning to Normal World. Here is a piece of…
Hs Zhang
  • 163
  • 1
  • 8
3
votes
0 answers

Run an executable on host machine from docker container

I have an executable on the host machine and I want to run it from Docker. It's important to run it FROM Docker, so you should call it inside, and it should call the executable on the host machine. Summarize: I need something that connects the Docker…
2
votes
1 answer

How does Linaro schedule OPTEE?

I want to know which part of the code is the scheduler of project OPTEE https://github.com/OP-TEE. More specifically, the code that decides on which CPU secure world and normal world processes are running for multicore architecture. Any advice is…
S.Wan
  • 396
  • 3
  • 18
1
vote
0 answers

Building libwebsockets for OP-TEE

I've been trying to build libwebsockets for OP-TEE running on a TI AM437x HS (an arm platform). I'm using Yocto to build; here's the version string for OP-TEE, which is displayed on boot: I/TC: OP-TEE version: ti2019.05-rc1-dev (gcc version 8.3.0…
1
vote
0 answers

Need help to understand .vector, %function and .label

Need some help to understand the following code: What is label? What does .vectors do in here What does type \label, %function do? What does \label: do? /* * Create an entry in the exception vector table, enforcing it is * aligned on a 128-byte…
syacer
  • 157
  • 6
1
vote
2 answers

How to get a UTC timestamp in OP-TEE Trusted Application (TA) in datetime format?

Disclaimer: It took me a solid 4-5 hours of looking for an answer and after figuring it out I decided to post it here for people in the same place. OP-TEE is quite a good environment to develop TAs and CAs, however, there is no straightforward…
Everyone
  • 1,751
  • 13
  • 36
1
vote
0 answers

Add OP-TEE to Yocto

I am attempting to build a Yocto image incorporating OP-TEE. I'm used to the output from OP-TEE's build repo (bl1.bin etc) and I can't get the Yocto system to do the same. Also no /dev/tee devices exist (so maybe the kernel isn't configured). …
foreverska
  • 585
  • 3
  • 20
1
vote
2 answers

Parse a ECC private key buffer

I am using OPTEE-OS and mbedTLS and want to create a CSR. I am creating my EC key using the Global Platform API: res = TEE_AllocateTransientObject( TEE_TYPE_ECDSA_KEYPAIR, DSEC_ECDSA_SHA256_KEY_BITS, &key_pair); if (res != TEE_SUCCESS)…
Stoogy
  • 1,307
  • 3
  • 16
  • 34
0
votes
0 answers

Can I open OP-TEE using QEMU-KVM instead of TCG

Can I open OP-TEE using QEMU-KVM without trustzone CPU emulation instead of TCG? I add enable-kvm option and turn off trustzone CPU emulation in QEMU command (Since KVM doesn't support trustzone) As expected, it can't boot. But it seems the BL1…
0
votes
0 answers

Is it possible to create a secure world OS without a normal world OS in ARM TrustZone?

I am currently working with OPTEE on QEMU to create a trusted application in ARM TrustZone. I wonder whether OPTEE can work without a normal world OS (like Linux). I have tried to modify ARM trusted firmware to skip the boot process which loads the normal world…
0
votes
0 answers

How does OP-TEE work for Intel architecture or Mac architecture

How does OP-TEE work for Intel architecture or Mac architecture, when it has been designed particularly for ARM TrustZone architecture?
0
votes
0 answers

Do the /proc/stat and /proc/pid/stat contain arm smc call time

In arm64 Linux with the OPTEE, when the CA starts, the Linux kernel will invoke the SMC, and the CPU will trap in the secure world. Will the CPU time used in the secure world be counted by the Linux kernel in /proc/stat and /proc/pid/stat? I thought…
sizzle
  • 173
  • 5
0
votes
0 answers

How to use the TEE technology in Android Studio? Unavailability of the optee_client_java_api library

I want to implement a TA & CA in an Android Studio project. For this I have followed the steps below. Download the OP-TEE Client source code from the following link: https://github.com/OP-TEE/optee_client Copy the required header files from the…
amol junghare
  • 73
  • 1
  • 1
  • 9
0
votes
0 answers

Why does address read return nothing on second read? (using mmap)

I am building a program on a RPi3 using Buildroot as linux distro and I need to write to a given physical address. I've read that the best approach is to first use mmap, then obtain a virtual address at which you normally write. In my case, the test…
0
votes
1 answer

IMX7D Sabre Yocto Project with OP-TEE examples

First time I am trying to create SD-Card Linux image for imx7d sabre with OP-TEE using Yocto. I followed this document https://www.nxp.com/docs/en/user-guide/i.MX_Yocto_Project_User's_Guide_Linux.pdf for building the image. I was able to build the…
Rahul B
  • 3
  • 1