TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_os / refs/heads/kmgk_pta_3.3.0
commit365385427067ed25dfda73a0b3c979f50414a766[log] [tgz]
authorIgor Opaniuk <igor.opaniuk@linaro.org>Tue Jun 19 09:38:05 2018 +0300
committerIgor Opaniuk <igor.opaniuk@linaro.org>Wed Oct 17 09:56:30 2018 +0300
tree4f93519bf8faa389f0a6e0cdd975120fcfeabf1b
parent010505abf6c5af360b1b3379aec2ea988728e0e2 [diff]
core: pta: introduce pTA to access LTC ASN.1 parser

This pTA is used for:
* Encoding/decoding x509 certificates using LTC ASN.1 parser
* Generation of EC/RSA root attestation key-pairs/certificates (currently there
is no support of key "injection" during factory provisioning, so basically
certificates are generated during the first Keymaster TA invocation).
* Generation of EC/RSA attestation certificate for the specific key.

Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
8 files changed
tree: 4f93519bf8faa389f0a6e0cdd975120fcfeabf1b
  1. .github/
  2. core/
  3. documentation/
  4. keys/
  5. lib/
  6. mk/
  7. scripts/
  8. ta/
  9. .gitignore
  10. .shippable.yml
  11. .travis.yml
  12. CHANGELOG.md
  13. LICENSE
  14. MAINTAINERS
  15. Makefile
  16. Notice.md
  17. README.md
  18. typedefs.checkpatch
README.md

OP-TEE Trusted OS

Contents

  1. Introduction
  2. License
  3. Platforms supported
  4. Get and build OP-TEE software
  5. Coding standards

1. Introduction

The optee_os git repository contains the source code of a Trusted Execution Environment (TEE) as companion to a non-secure OS on ARMĀ® Cortex-A cores using the TrustZoneĀ® technology. This component meets the TEE System Architecture specifications and provides the TEE Internal Core API v1.1 as defined by the GlobalPlatform Device technology TEE specifications for the development of Trusted Applications. For a general overview of OP-TEE and to find out how to contribute, please see the Notice.md file.

The Trusted OS is accessible from the Rich OS (Linux) using the GlobalPlatform TEE Client API Specification v1.0, which also is used to trigger secure execution of applications within the TEE.

2. License

The software is distributed mostly under the BSD 2-Clause open source license, apart from some files in the optee_os/lib/libutils directory which are distributed under the BSD 3-Clause or public domain licenses.

3. Platforms supported

Several platforms are supported. In order to manage slight differences between platforms, a PLATFORM_FLAVOR flag has been introduced. The PLATFORM and PLATFORM_FLAVOR flags define the whole configuration for a chip the where the Trusted OS runs. Note that there is also a composite form which makes it possible to append PLATFORM_FLAVOR directly, by adding a dash in-between the names. The composite form is shown below for the different boards. For more specific details about build flags etc, please read the file build_system.md. Some platforms have different sub-maintainers, please refer to the file MAINTAINERS for contact details for various platforms.

The Maintained? column shows:

  • A green image if the platform is actively maintained: either tested successfully with the latest release (N), or is a newly supported platform.
  • An orange image if the platform was last tested successfully with release N-1.
  • A red image if the last successful test report is older.
PlatformComposite PLATFORM flagPublicly available?Maintained?
ARM Juno BoardPLATFORM=vexpress-junoYesActively Maintained
Atmel ATSAMA5D2-XULT BoardPLATFORM=samYesActively Maintained
DeveloperBox (Socionext Synquacer SC2A11)PLATFORM=synquacerYesActively Maintained
FSL ls1021aPLATFORM=ls-ls1021atwrYesActively maintained
NXP ls1043ardbPLATFORM=ls-ls1043ardbYesActively Maintained
NXP ls1046ardbPLATFORM=ls-ls1046ardbYesActively Maintained
NXP ls1012ardbPLATFORM=ls-ls1012ardbYesActively Maintained
NXP ls1088ardbPLATFORM=ls-ls1088ardbYesActively Maintained
NXP ls2088ardbPLATFORM=ls-ls2088ardbYesActively Maintained
NXP ls1012afrwyPLATFORM=ls-ls1012afrwyYesActively Maintained
FSL i.MX6 Quad SABRE Lite BoardPLATFORM=imx-mx6qsabreliteYesActively Maintained
FSL i.MX6 Quad SABRE SD BoardPLATFORM=imx-mx6qsabresdYesActively maintained
SolidRun i.MX6 Quad Hummingboard EdgePLATFORM=imx-mx6qhmbedgeYesActively Maintained
SolidRun i.MX6 Dual Hummingboard EdgePLATFORM=imx-mx6dhmbedgeYesActively Maintained
SolidRun i.MX6 Dual Lite Hummingboard EdgePLATFORM=imx-mx6dlhmbedgeYesActively Maintained
SolidRun i.MX6 Solo Hummingboard EdgePLATFORM=imx-mx6shmbedgeYesActively Maintained
FSL i.MX6 UltraLite EVK BoardPLATFORM=imx-mx6ulevkYesActively Maintained
NXP i.MX7Dual SabreSD BoardPLATFORM=imx-mx7dsabresdYesActively Maintained
NXP i.MX7Solo WaRP7 BoardPLATFORM=imx-mx7swarp7YesActively Maintained
ARM Foundation FVPPLATFORM=vexpress-fvpYesActively Maintained
HiSilicon D02PLATFORM=d02NoActively Maintained
HiKey Board (HiSilicon Kirin 620)PLATFORM=hikey or PLATFORM=hikey-hikeyYesActively Maintained
HiKey960 Board (HiSilicon Kirin 960)PLATFORM=hikey-hikey960YesActively Maintained
Marvell ARMADA 7K FamilyPLATFORM=marvell-armada7k8kYesActively Maintained
Marvell ARMADA 8K FamilyPLATFORM=marvell-armada7k8kYesActively Maintained
Marvell ARMADA 3700 FamilyPLATFORM=marvell-armada3700YesActively Maintained
MediaTek MT8173 EVB BoardPLATFORM=mediatek-mt8173NoNot maintained v3.0.0
Poplar Board (HiSilicon Hi3798C V200)PLATFORM=poplarYesActively Maintained
QEMUPLATFORM=vexpress-qemu_virtYesActively Maintained
QEMUv8PLATFORM=vexpress-qemu_armv8aYesActively Maintained
Raspberry Pi 3PLATFORM=rpi3YesActively maintained
Renesas RCARPLATFORM=rcarNoActively maintained
Rockchip RK322XPLATFORM=rockchip-rk322xNoActively maintained
STMicroelectronics b2260 - h410 (96boards fmt)PLATFORM=stm-b2260NoActively maintained
STMicroelectronics b2120 - h310 / h410PLATFORM=stm-cannesNoActively maintained
STMicroelectronics stm32mp1PLATFORM=stm32mp1NoActively maintained
Allwinner A64 Pine64 BoardPLATFORM=sunxi-sun50i_a64YesActively Maintained
Texas Instruments AM65xPLATFORM=k3-am65xYesActively maintained
Texas Instruments DRA7xxPLATFORM=ti-dra7xxYesActively maintained
Texas Instruments AM57xxPLATFORM=ti-am57xxYesActively maintained
Texas Instruments AM43xxPLATFORM=ti-am43xxYesActively maintained
Xilinx Zynq 7000 ZC702PLATFORM=zynq7k-zc702YesNot maintained v2.3.0
Xilinx Zynq UltraScale+ MPSOCPLATFORM=zynqmp-zcu102YesNot maintained v2.4.0
Spreadtrum SC9860PLATFORM=sprd-sc9860NoNot maintained v2.1.0

4. Get and build OP-TEE software

Please see build for instructions how to run OP-TEE on various devices.

5. Coding standards

In this project we are trying to adhere to the same coding convention as used in the Linux kernel (see CodingStyle). We achieve this by running checkpatch from Linux kernel. However there are a few exceptions that we had to make since the code also follows GlobalPlatform standards. The exceptions are as follows:

  • CamelCase for GlobalPlatform types are allowed.
  • And we also exclude checking third party code that we might use in this project, such as LibTomCrypt, MPA, newlib (not in this particular git, but those are also part of the complete TEE solution, see Notice.md. The reason for excluding and not fixing third party code is because we would probably deviate too much from upstream and therefore it would be hard to rebase against those projects later on and we don't expect that it is easy to convince other software projects to change coding style. Automatic variables should always be initialized. Mixed declarations and statements are allowed, and may be used to avoid assigning useless values. Please leave one blank line before and after such declarations.

Regarding the checkpatch tool, it is not included directly into this project. Please use checkpatch.pl from the Linux kernel git in combination with the local checkpatch script.