Home
last modified time | relevance | path

Searched +full:op +full:- +full:tee (Results 1 – 25 of 161) sorted by relevance

1234567

/optee_os/
H A DCHANGELOG.md1 # OP-TEE - version 4.8.0 (2025-10-24)
3 - Links to the release pages, commits and pull requests merged into this release for:
4- OP-TEE/optee_os: [release page][OP_TEE_optee_os_release_4_8_0], [commits][OP_TEE_optee_os_commit…
5- OP-TEE/optee_client: [release page][OP_TEE_optee_client_release_4_8_0], [commits][OP_TEE_optee_c…
6- OP-TEE/optee_test: [release page][OP_TEE_optee_test_release_4_8_0], [commits][OP_TEE_optee_test_…
7- OP-TEE/build: [release page][OP_TEE_build_release_4_8_0], [commits][OP_TEE_build_commits_4_8_0] …
8- linaro-swg/optee_examples: [release page][linaro_swg_optee_examples_release_4_8_0], [commits][li…
11 [OP_TEE_optee_os_release_4_8_0]: https://github.com/OP-TEE/optee_os/releases/tag/4.8.0
12 [OP_TEE_optee_os_commits_4_8_0]: https://github.com/OP-TEE/optee_os/compare/4.7.0...4.8.0
13 …os_pr_4_8_0]: https://github.com/OP-TEE/optee_os/pulls?q=is%3Apr+is%3Amerged+base%3Amaster+merged%…
[all …]
H A DREADME.md1 # OP-TEE Trusted OS
2 This git contains source code for the secure side implementation of OP-TEE
5 All official OP-TEE documentation has moved to http://optee.readthedocs.io.
7 // OP-TEE core maintainers
/optee_os/core/drivers/
H A Dimx_caam.c1 // SPDX-License-Identifier: BSD-2-Clause
24 /* A basic sub-set of the CAAM */
48 * Set job-ring ownership to non-secure by default. in init_caam()
49 * A Linux kernel that runs after OP-TEE will run in normal-world in init_caam()
51 * CAAM job-rings. in init_caam()
53 * It is possible to use CAAM job-rings inside of OP-TEE i.e. in in init_caam()
54 * secure world code but, to do that OP-TEE and kernel should agree in init_caam()
55 * via a DTB which job-rings are owned by OP-TEE and which are in init_caam()
56 * owned by Kernel, something that the OP-TEE CAAM driver should in init_caam()
60 * runtime OP-TEE CAAM code will be run in init_caam()
[all …]
H A Dwidevine_huk.c1 // SPDX-License-Identifier: BSD-2-Clause
28 node = fdt_path_offset(fdt, "/options/op-tee/widevine"); in init_widevine_huk_dt_data()
32 value = fdt_getprop(fdt, node, "op-tee,hardware-unique-key", &len); in init_widevine_huk_dt_data()
61 memcpy(hwkey->data, dt_huk, HW_UNIQUE_KEY_LENGTH); in tee_otp_get_hw_unique_key()
/optee_os/core/arch/arm/include/
H A Doptee_ffa.h1 /* SPDX-License-Identifier: BSD-2-Clause */
3 * Copyright (c) 2019-2025, Linaro Limited
7 * This file is exported by OP-TEE and is kept in sync between secure world
8 * and normal world drivers. We're using ARM FF-A 1.0 specification.
23 * defined in FF-A specification:
27 * w3-w7: Implementation defined, free to be used below
39 * Returns the API version implemented, currently follows the FF-A version.
42 * w4-w7: Not used (MBZ)
47 * w5-w7: Not used (MBZ)
52 * Returns the revision of OP-TEE.
[all …]
/optee_os/mk/
H A Dconfig.mk1 # Default configuration values for OP-TEE core (all platforms).
3 # Platform-specific overrides are in core/arch/arm32/plat-*/conf.mk.
4 # Some subsystem-specific defaults are not here but rather in */sub.mk.
12 # 4. The platform-specific configuration file: core/arch/arm32/plat-*/conf.mk
14 # 6. Subsystem-specific makefiles (*/sub.mk)
16 # Actual values used during the build are output to $(out-dir)/conf.mk
19 # Cross-compiler prefix and suffix
21 CROSS_COMPILE ?= arm-linux-gnueabihf-
22 # Don't cross-compile if building on aarch64 natively
23 ifneq ($(shell uname -m),aarch64)
[all …]
/optee_os/scripts/
H A Dderive_rpmb_key.py2 # SPDX-License-Identifier: BSD-2-Clause
32 by OP-TEE and the CID of the RPMB.''',
38 parser.add_argument('--quiet', action='store_true', default=False,
41 parser.add_argument('--testkey', action='store_true', default=False,
43 parser.add_argument('--huk', type=hex_parse,
46 tee_otp_get_hw_unique_key() in OP-TEE''')
47 parser.add_argument('--cid', type=hex_parse, help='CID (16 bytes)')
48 parser.add_argument('--compat', action='store_true', default=False,
50 only to be used if OP-TEE is build with
61 # checksum) fields as OP-TEE does.
[all …]
H A Dupdate_changelog.py2 # SPDX-License-Identifier: BSD-2-Clause
16 ' --changelog-file CHANGELOG.md'
17 ' --release-version 3.7.0'
18 ' --previous-release-version 3.6.0'
19 ' --release-date 2019-10-11')
21 parser.add_argument('--changelog-file', action='store', required=False,
25 parser.add_argument('--release-date', action='store', required=True,
26 help='The release date (yyyy-mm-dd).')
28 parser.add_argument('--release-version', action='store', required=True,
31 parser.add_argument('--previous-release-version', action='store',
[all …]
/optee_os/core/arch/arm/plat-hikey/
H A Dplatform_config.h1 /* SPDX-License-Identifier: BSD-2-Clause */
54 * TZDRAM is secured (firewalled) by the DDR controller, see ARM-TF, but note
58 * protection may be reverted by the non-secure kernel with a piece of
59 * code similar to the one that sets the protection in ARM-TF (we're
62 * TZSRAM is emulated in the TZDRAM area, because the on-chip SRAM of the
63 * HiKey SoC is too small to run OP-TEE (72K total with 64K available, see
64 * "SRAM Memory Region Layout" in ARM-TF plat/hikey/include/hisi_sram_map.h),
70 * 0x4000_0000 -
73 * TEE RAM: 2 MiB (TEE_RAM_VA_SIZE) |
74 * 0x3F00_0000 [TZDRAM_BASE, BL32_LOAD_ADDR] -
[all …]
/optee_os/core/tee/
H A Dtee_fs_rpc.c1 // SPDX-License-Identifier: BSD-2-Clause
12 #include <tee/fs_dirfile.h>
13 #include <tee/tee_fs.h>
14 #include <tee/tee_fs_rpc.h>
39 l = blen - pos; in create_filename()
43 static TEE_Result operation_commit(struct tee_fs_rpc_operation *op) in operation_commit() argument
45 return thread_rpc_cmd(op->id, op->num_params, op->params); in operation_commit()
52 struct tee_fs_rpc_operation op = { }; in operation_open_dfh() local
67 op = (struct tee_fs_rpc_operation){ in operation_open_dfh()
74 res = operation_commit(&op); in operation_open_dfh()
[all …]
H A Dsub.mk5 # HMAC-based Extract-and-Expand Key Derivation Function
7 # This is an OP-TEE extension, not part of the GlobalPlatform Internal API v1.0
10 # NIST SP800-56A Concatenation Key Derivation Function
11 # This is an OP-TEE extension
15 # This is an OP-TEE extension
20 srcs-y += entry_std.c
21 srcs-y += tee_cryp_utl.c
22 srcs-$(CFG_CRYPTO_HKDF) += tee_cryp_hkdf.c
23 srcs-$(CFG_CRYPTO_CONCAT_KDF) += tee_cryp_concat_kdf.c
25 srcs-$(CFG_CRYPTO_PBKDF2) += tee_cryp_pbkdf2.c
[all …]
/optee_os/core/arch/arm/include/sm/
H A Doptee_smc.h1 /* SPDX-License-Identifier: BSD-2-Clause */
3 * Copyright (c) 2015-2021, Linaro Limited
11 * This file is exported by OP-TEE and is in kept in sync between secure
70 * Normal cached memory (write-back), shareable for SMP systems and not
78 * 32-bit registers.
86 * 384fb3e0-e7f8-11e3-af63-0002a5d5c51b.
110 * Used by non-secure world to figure out which Trusted OS is installed.
113 * Returns UUID in a0-4 in the same way as OPTEE_SMC_CALLS_UID
123 * Used by non-secure world to figure out which version of the Trusted OS
127 * Returns revision in a0-1 in the same way as OPTEE_SMC_CALLS_REVISION
[all …]
H A Dteesmc_opteed.h1 /* SPDX-License-Identifier: BSD-2-Clause */
10 * This file specify SMC function IDs used when returning from TEE to the
17 * only concerns the OP-TEE Dispatcher in ARM Trusted Firmware and OP-TEE
83 * r1-4/x1-4 Return value 0-3 which will passed to normal world in
84 * r0-3/x0-3
/optee_os/core/arch/riscv/include/tee/
H A Doptee_abi.h1 /* SPDX-License-Identifier: BSD-2-Clause */
4 * Copyright (c) 2015-2021, Linaro Limited
12 * This file should be kept in sync between secure domain and non-secure
68 * Normal cached memory (write-back), shareable for SMP systems and not
82 * 384fb3e0-e7f8-11e3-af63-0002a5d5c51b.
106 * Used by non-secure world to figure out which Trusted OS is installed.
109 * Returns UUID in a0-4 in the same way as OPTEE_ABI_CALLS_UID
119 * Used by non-secure world to figure out which version of the Trusted OS
123 * Returns revision in a0-1 in the same way as OPTEE_ABI_CALLS_REVISION
124 * described above. May optionally return a 32-bit build identifier in a2,
[all …]
/optee_os/core/include/tee/
H A Dtee_fs_rpc.h1 /* SPDX-License-Identifier: BSD-2-Clause */
7 * Interface with tee-supplicant for file operations
16 #include <tee/tee_fs.h>
34 TEE_Result tee_fs_rpc_read_init(struct tee_fs_rpc_operation *op,
37 TEE_Result tee_fs_rpc_read_final(struct tee_fs_rpc_operation *op,
40 TEE_Result tee_fs_rpc_write_init(struct tee_fs_rpc_operation *op,
43 TEE_Result tee_fs_rpc_write_final(struct tee_fs_rpc_operation *op);
/optee_os/core/include/kernel/
H A Dvirtualization.h1 /* SPDX-License-Identifier: BSD-2-Clause */
22 * virt_guest_created() - create new VM partition
26 * when hypervisor creates new guest VM, so OP-TEE
32 * virt_guest_destroyed() - destroy existing VM partition
43 * virt_set_guest() - set guest VM context for current core
46 * This function switches memory partitions, so TEE part of
47 * OP-TEE will see memory associated with current guest.
48 * It should be called on entry to OP-TEE
53 * virt_unset_guest() - set default memory partition
55 * This function should be called upon leaving OP-TEE,
[all …]
/optee_os/core/include/drivers/
H A Dsemihosting_console.h1 /* SPDX-License-Identifier: BSD-2-Clause */
10 * Initialize console which uses architecture-specific semihosting mechanism.
11 * If @file_path is not NULL, OP-TEE OS will try to output log to that file,
13 * Otherwise, if @file_path is NULL, OP-TEE OS will try to output log to the
/optee_os/core/arch/arm/tee/
H A Dsvc_cache.c1 // SPDX-License-Identifier: BSD-2-Clause
9 #include <tee/cache.h>
10 #include <tee/svc_cache.h>
12 TEE_Result syscall_cache_operation(void *va, size_t len, unsigned long op) in syscall_cache_operation() argument
18 if ((to_ta_ctx(s->ctx)->flags & TA_FLAG_CACHE_MAINTENANCE) == 0) in syscall_cache_operation()
21 utc = to_user_ta_ctx(s->ctx); in syscall_cache_operation()
27 if (vm_buf_intersects_um_private(&utc->uctx, va, len)) in syscall_cache_operation()
30 res = vm_check_access_rights(&utc->uctx, in syscall_cache_operation()
37 return cache_operation(op, va, len); in syscall_cache_operation()
/optee_os/lib/libutee/include/
H A Dpta_stats.h1 /* SPDX-License-Identifier: BSD-2-Clause */
17 * STATS_CMD_PAGER_STATS - Get statistics on pager
29 * STATS_CMD_ALLOC_STATS - Get statistics on core heap allocations
58 * STATS_CMD_MEMLEAK_STATS - Print memory leakage info to console
63 * STATS_CMD_TA_STATS - Get information on TA instances
77 * STATS_CMD_GET_TIME - Get both REE time and TEE time
79 * [out] value[0].a REE time as seen by OP-TEE in seconds
80 * [out] value[0].b REE time as seen by OP-TEE, milliseconds part
81 * [out] value[1].a TEE system time in seconds
82 * [out] value[1].b TEE system time, milliseconds part
[all …]
H A Dutee_defines.h1 /* SPDX-License-Identifier: BSD-2-Clause */
15 * Copied from TEE Internal API specificaion v1.0 table 6-9 "Structure of
43 #define TEE_MAIN_ALGO_HKDF 0xC0 /* OP-TEE extension */
44 #define TEE_MAIN_ALGO_CONCAT_KDF 0xC1 /* OP-TEE extension */
45 #define TEE_MAIN_ALGO_PBKDF2 0xC2 /* OP-TEE extension */
47 #define TEE_MAIN_ALGO_SHAKE128 0xC3 /* OP-TEE extension */
48 #define TEE_MAIN_ALGO_SHAKE256 0xC4 /* OP-TEE extension */
124 * Value not defined in the GP spec, and not used as bits 15-12 of any TEE_ALG*
125 * value. TEE_ALG_SM2_DSA_SM3 has value 0x6 for bits 15-12 which would yield the
126 * SHA512 digest if we were to apply the bit masks that were valid up to the TEE
[all …]
/optee_os/core/arch/arm/plat-versal/
H A Dconf.mk3 include core/arch/arm/cpu/cortex-armv8-0.mk
15 # 1. There is no source for ALSR seed, as TF-a does not provide a
16 # DTB to OP-TEE. Hardware RNG is also not currently supported.
17 # 2. Xilinx's bootgen can't find the OP-TEE entry point from the TEE.elf file
18 # used to generate boot.bin. Enabling ASLR requires an update to TF-A.
63 # the driver's software fallback operations - need further work
67 # SHA3-384 crypto engine
78 # AES-GCM supported key sources for HUK:
/optee_os/core/arch/arm/plat-totalcompute/fdts/
H A Doptee_sp_manifest.dts1 // SPDX-License-Identifier: BSD-2-Clause
3 * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
5 * This file is a Partition Manifest (PM) for OP-TEE as a Secure Partition (SP)
9 /dts-v1/;
12 compatible = "arm,ffa-manifest-1.0";
15 description = "op-tee";
16 ffa-version = <0x00010000>; /* 31:16 - Major, 15:0 - Minor */
19 execution-ctx-count = <8>;
20 exception-level = <2>; /* S-EL1 */
21 execution-state = <0>; /* AARCH64 */
[all …]
/optee_os/core/arch/arm/plat-rzg/
H A Dconf.mk3 include core/arch/arm/cpu/cortex-armv8-0.mk
13 # does not provide DTB to OP-TEE. Also, there is no
16 # 2. OP-TEE crashes during boot with enabled CFG_CORE_ASLR.
40 supported-ta-targets = ta_arm64
/optee_os/core/arch/arm/plat-poplar/
H A Dplatform_config.h3 * SPDX-License-Identifier: BSD-2-Clause
23 * non-secure by default. Therefore, the terms TZDRAM and TZSRAM may not
34 * u-boot + ree memory: 1144 MiB (144 MiB for 1GB board)
35 * 0x3700_0000 CONFIG_SYS_TEXT_BASE (u-boot)
36 * PLAT_POPLAR_NS_IMAGE_OFFSET (arm-tf)
46 * 0x0480_0000 CONFIG_SYS_LOAD_ADDR (defined in u-boot)
48 * 0x0420_0000 CONFIG_SYS_INIT_SP_ADDR (defined in u-boot)
49 * 0x0408_0000 KERNEL_TEXT_OFFSET (defined in u-boot)
53 * 0x0400_0000 -
55 * 0x0320_0000 -
[all …]
/optee_os/core/pta/
H A Dwidevine.c1 // SPDX-License-Identifier: BSD-2-Clause
54 * The TPM auth public key. Used to communicate with the TPM from OP-TEE.
57 * https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part2_Structures_pub.pdf
64 * requests in OP-TEE. The value is an ECC NIST P-256 scalar.
66 * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-186.pdf
82 node = fdt_path_offset(fdt, "/options/op-tee/widevine"); in init_widevine_dt_data()
86 value = fdt_getprop(fdt, node, "tcg,tpm-auth-public-key", &len); in init_widevine_dt_data()
96 value = fdt_getprop(fdt, node, "google,widevine-root-of-trust-ecc-p256", in init_widevine_dt_data()
120 if (!is_user_ta_ctx(session->ctx)) in open_session()
125 if (memcmp(&session->ctx->uuid, &allowed_ta_uuids[i], in open_session()

1234567