############
About OP-TEE
############
OP-TEE is a Trusted Execution Environment (TEE) designed as a companion to a
non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone
technology. OP-TEE implements :ref:`tee_internal_core_api` v1.1.x, which is the
API exposed to Trusted Applications, and the :ref:`tee_client_api` v1.0, which
is the API describing how to communicate with a TEE. Those APIs are defined in
the :ref:`globalplatform_api` specifications.

The non-secure OS is referred to as the Rich Execution Environment (REE) in TEE
specifications. It is typically a Linux OS flavor such as a GNU/Linux
distribution or AOSP.

OP-TEE is designed primarily to rely on the Arm TrustZone technology as the
underlying hardware isolation mechanism. However, it has been structured to be
compatible with any isolation technology suitable for the TEE concept and goals,
such as running as a virtual machine or on a dedicated CPU.

The main design goals for OP-TEE are:

    - **Isolation** - the TEE provides isolation from the non-secure OS and
      protects the loaded Trusted Applications (TAs) from each other using
      underlying hardware support,

    - **Small footprint** - the TEE should remain small enough to reside in a
      reasonable amount of on-chip memory as found on Arm based systems,

    - **Portability** - the TEE aims at being easily pluggable to different
      architectures and available HW and has to support various setups such as
      multiple client OSes or multiple TEEs.


OP-TEE components
*****************
OP-TEE is divided into various components:

    - A secure privileged layer, executing at Arm secure PL-1 (v7-A) or EL-1
      (v8-A) level.
    - A set of secure user space libraries designed for the needs of Trusted
      Applications.
    - A Linux kernel TEE framework and driver (merged to the official tree in
      v4.12).
    - A Linux user space library designed upon the GlobalPlatform
      :ref:`tee_client_api` specifications.
    - A Linux user space supplicant daemon (tee-supplicant) responsible for
      remote services expected by the TEE OS.
    - A test suite (xtest), for doing regression testing and testing the
      consistency of the API implementations.
    - An example git repository containing a couple of simple host- and
      TA-examples.
    - Build scripts and debugging tools to ease its integration and the
      development of Trusted Applications and secure services.

These components are available from several git repositories. The main ones are
:ref:`build`, :ref:`optee_os`, :ref:`optee_client`, :ref:`optee_test`,
:ref:`optee_examples` and the :ref:`linux_kernel`.

History
*******
OP-TEE was initially developed by ST-Ericsson (and later on by
STMicroelectronics), but this was before it got the name "OP-TEE" and was
turned into an open source project. Back then it was a closed-source,
proprietary TEE project. In 2013, ST-Ericsson obtained GlobalPlatform’s
compliance qualification with this implementation, proving that the APIs were
behaving as expected according to the GlobalPlatform specifications.

Later the same year (2013), Linaro was about to form the Security Working Group
(SWG), and one of the initial key tasks for SWG was to work on an open source
TEE project. After talking to various TEE vendors, Linaro ended up working with
the STMicroelectronics TEE project. But before being able to open source it,
there was a need to replace some proprietary components with open source
components. For a couple of months, Linaro/SWG together with engineers from
STMicroelectronics re-wrote major parts (crypto library, secure monitor, build
system etc.) and cleaned up the project by enforcing :ref:`coding_standards`,
running checkpatch_ etc.

June 12 2014 was the day when OP-TEE was "born" as an open source project. On
that day the OP-TEE team pushed the `first commit
<https://github.com/OP-TEE/optee_os/commit/b01047730e77127c23a36591643eeb8bb0487d68>`_
to GitHub. A bit after this, Linaro also made a `press release
<https://www.linaro.org/blog/op-tee-open-source-security-mass-market/>`_ about
this. That press release contains a bit more information. During its first year
as an open source project it was owned by STMicroelectronics but maintained by
Linaro and STMicroelectronics. In 2015 there was an ownership transfer of
OP-TEE from STMicroelectronics to Linaro. In September 2019, ownership was
transferred from Linaro to the TrustedFirmware.org project (see the blogpost_
for more information). Maintenance is a shared responsibility between the
members of TrustedFirmware.org and some community maintainers representing
other companies who are using OP-TEE.

.. _blogpost: https://www.trustedfirmware.org/blog/op-tee-moving-into-trusted-firmware/
.. _checkpatch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/scripts/checkpatch.pl