Home
last modified time | relevance | path

Searched full:tee (Results 1 – 25 of 338) sorted by relevance

12345678910>>...14

/optee_os/
H A DCHANGELOG.md1 # OP-TEE - version 4.8.0 (2025-10-24)
4 …- OP-TEE/optee_os: [release page][OP_TEE_optee_os_release_4_8_0], [commits][OP_TEE_optee_os_commit…
5 …- OP-TEE/optee_client: [release page][OP_TEE_optee_client_release_4_8_0], [commits][OP_TEE_optee_c…
6 …- OP-TEE/optee_test: [release page][OP_TEE_optee_test_release_4_8_0], [commits][OP_TEE_optee_test_…
7 …- OP-TEE/build: [release page][OP_TEE_build_release_4_8_0], [commits][OP_TEE_build_commits_4_8_0] …
11 [OP_TEE_optee_os_release_4_8_0]: https://github.com/OP-TEE/optee_os/releases/tag/4.8.0
12 [OP_TEE_optee_os_commits_4_8_0]: https://github.com/OP-TEE/optee_os/compare/4.7.0...4.8.0
13 [OP_TEE_optee_os_pr_4_8_0]: https://github.com/OP-TEE/optee_os/pulls?q=is%3Apr+is%3Amerged+base%3Am…
15 [OP_TEE_optee_client_release_4_8_0]: https://github.com/OP-TEE/optee_client/releases/tag/4.8.0
16 [OP_TEE_optee_client_commits_4_8_0]: https://github.com/OP-TEE/optee_client/compare/4.7.0...4.8.0
[all …]
H A DREADME.md1 # OP-TEE Trusted OS
2 This git contains source code for the secure side implementation of OP-TEE
5 All official OP-TEE documentation has moved to http://optee.readthedocs.io.
7 // OP-TEE core maintainers
/optee_os/core/arch/riscv/kernel/
H A Dlink.mk16 link-ldflags += -T $(link-script-pp) -Map=$(link-out-dir)/tee.map
27 ldargs-tee.elf := $(link-ldflags) $(link-objs) $(link-out-dir)/version.o \
57 -include $(link-out-dir)/.tee.elf.cmd
64 all: $(link-out-dir)/tee.elf
65 cleanfiles += $(link-out-dir)/tee.elf $(link-out-dir)/tee.map
68 cleanfiles += $(link-out-dir)/.tee.elf.cmd
69 $(link-out-dir)/tee.elf: $(link-objs) $(libdeps) $(link-script-pp) $(FORCE_LINK)
71 @echo "old-link-objs := $(link-objs)" >$(link-out-dir)/.tee.elf.cmd
73 $(q)$(LDcore) $(ldargs-tee.elf) -o $@
75 all: $(link-out-dir)/tee.dmp
[all …]
/optee_os/core/arch/arm/kernel/
H A Dlink.mk35 link-ldflags += -T $(link-script-pp) -Map=$(link-out-dir)/tee.map
54 ldargs-tee.elf := $(link-ldflags) $(link-objs) $(link-out-dir)/version.o \
145 -include $(link-out-dir)/.tee.elf.cmd
152 all: $(link-out-dir)/tee.elf
153 cleanfiles += $(link-out-dir)/tee.elf $(link-out-dir)/tee.map
156 cleanfiles += $(link-out-dir)/.tee.elf.cmd
157 $(link-out-dir)/tee.elf: $(link-objs) $(libdeps) $(link-script-pp) $(FORCE_LINK)
158 @echo "old-link-objs := $(link-objs)" >$(link-out-dir)/.tee.elf.cmd
160 $(q)$(LDcore) $(ldargs-tee.elf) -o $@
162 all: $(link-out-dir)/tee.dmp
[all …]
/optee_os/core/arch/arm/plat-stm32mp1/
H A Dlink.mk11 all: $(link-out-dir)/tee-header_v2.stm32
12 cleanfiles += $(link-out-dir)/tee-header_v2.stm32
13 $(link-out-dir)/tee-header_v2.stm32: $(link-out-dir)/tee-header_v2.bin
16 all: $(link-out-dir)/tee-pager_v2.stm32
17 cleanfiles += $(link-out-dir)/tee-pager_v2.stm32
18 $(link-out-dir)/tee-pager_v2.stm32: $(link-out-dir)/tee-pager_v2.bin
21 all: $(link-out-dir)/tee-pageable_v2.stm32
22 cleanfiles += $(link-out-dir)/tee-pageable_v2.stm32
23 $(link-out-dir)/tee-pageable_v2.stm32: $(link-out-dir)/tee-pageable_v2.bin
/optee_os/mk/
H A Dconfig.mk1 # Default configuration values for OP-TEE core (all platforms).
65 # If y, enable debug features of the TEE core (assertions and lock checks
71 # Log levels for the TEE core. Defines which core messages are displayed
98 # - To debug user-mode (TA) allocations: build OP-TEE *and* the TA with:
100 # - To debug TEE core allocations: build OP-TEE with:
171 # tee-supplicant process will open /dev/mmcblk<id>rpmb
216 # Enables RPMB key programming by the TEE, in case the RPMB partition has not
219 # Do *NOT* enable this in product builds, as doing so would allow the TEE to
227 # advance that OP-TEE supports it. Setting CFG_RPMB_ANNOUNCE_PROBE_CAP=y
228 # will announce OP-TEE's capability for RPMB probing to the kernel and it
[all …]
/optee_os/core/drivers/
H A Dimx_caam.c49 * A Linux kernel that runs after OP-TEE will run in normal-world in init_caam()
53 * It is possible to use CAAM job-rings inside of OP-TEE i.e. in in init_caam()
54 * secure world code but, to do that OP-TEE and kernel should agree in init_caam()
55 * via a DTB which job-rings are owned by OP-TEE and which are in init_caam()
56 * owned by Kernel, something that the OP-TEE CAAM driver should in init_caam()
60 * runtime OP-TEE CAAM code will be run in init_caam()
/optee_os/core/arch/arm/plat-hikey/
H A Dplatform_config.h63 * HiKey SoC is too small to run OP-TEE (72K total with 64K available, see
73 * TEE RAM: 2 MiB (TEE_RAM_VA_SIZE) |
77 * Reserved by UEFI for OP-TEE, unused |
81 * Reserved by UEFI for OP-TEE, unused |
93 * TEE RAM: 200 KiB | TZSRAM
97 * Reserved by UEFI for OP-TEE, unused |
101 * Reserved by UEFI for OP-TEE, unused |
147 #error 32-bit TEE with CFG_CORE_DYN_SHM and without CFG_LARGE_PHYS_ADDR \
/optee_os/core/arch/arm/include/
H A Doptee_ffa.h7 * This file is exported by OP-TEE and is kept in sync between secure world
52 * Returns the revision of OP-TEE.
85 * w5: Bitfield of OP-TEE capabilities OPTEE_FFA_SEC_CAP_*
94 /* OP-TEE supports asynchronous notification via FF-A */
96 /* OP-TEE supports probing for RPMB device if needed */
98 /* OP-TEE supports Protected Memory for secure data path */
119 * Inform OP-TEE that the normal world is able to receive asynchronous
188 * FFA_BUSY: Number of OP-TEE OS threads exceeded,
/optee_os/scripts/
H A Dderive_rpmb_key.py32 by OP-TEE and the CID of the RPMB.''',
46 tee_otp_get_hw_unique_key() in OP-TEE''')
50 only to be used if OP-TEE is build with
61 # checksum) fields as OP-TEE does.
67 # is overridden the key derived here may not match what OP-TEE is using
69 # HUK is as tee_otp_get_hw_unique_key() in OP-TEE returns it
86 # The test key hardcoded in OP-TEE
H A Dupdate_changelog.py59 gits = ["OP-TEE/optee_os", "OP-TEE/optee_client", "OP-TEE/optee_test",
60 "OP-TEE/build", "linaro-swg/optee_examples"]
72 text = "# OP-TEE - version {} ({})\n".format(rv, rd)
H A Dsymbolize.py18 TEE_LOAD_ADDR_RE = re.compile(r'TEE load address @ (?P<load_addr>0x[0-9a-f]+)')
35 This scripts reads an OP-TEE abort or panic message from stdin and adds debug
37 address in the call stack. Any message generated by OP-TEE and containing a
39 includes aborts and panics from the TEE core as well as from any TA.
41 binary (tee.elf or Trusted Application). The GNU binutils (addr2line, objdump,
49 OP-TEE abort and panic messages are sent to the secure console. They look like
68 Also, this script reads function graph generated for OP-TEE user TA from
116 description='Symbolizes OP-TEE abort dumps or function graphs',
119 help='Search for ELF file in DIR. tee.elf is needed '
120 'to decode a TEE Core or pseudo-TA abort, while '
[all …]
/optee_os/core/include/kernel/
H A Dvirtualization.h26 * when hypervisor creates new guest VM, so OP-TEE
46 * This function switches memory partitions, so TEE part of
47 * OP-TEE will see memory associated with current guest.
48 * It should be called on entry to OP-TEE
55 * This function should be called upon leaving OP-TEE,
56 * to switch to default memory partition, so all TEE-specific
58 * that TEE memory is untouched when there is no active VM.
66 * only once: to initialize TEE runtime for current guest VM
78 * @mem_map: current OP-TEE memory map
/optee_os/lib/libutee/include/
H A Dpta_stats.h77 * STATS_CMD_GET_TIME - Get both REE time and TEE time
79 * [out] value[0].a REE time as seen by OP-TEE in seconds
80 * [out] value[0].b REE time as seen by OP-TEE, milliseconds part
81 * [out] value[1].a TEE system time in seconds
82 * [out] value[1].b TEE system time, milliseconds part
H A Dutee_defines.h15 * Copied from TEE Internal API specificaion v1.0 table 6-9 "Structure of
43 #define TEE_MAIN_ALGO_HKDF 0xC0 /* OP-TEE extension */
44 #define TEE_MAIN_ALGO_CONCAT_KDF 0xC1 /* OP-TEE extension */
45 #define TEE_MAIN_ALGO_PBKDF2 0xC2 /* OP-TEE extension */
47 #define TEE_MAIN_ALGO_SHAKE128 0xC3 /* OP-TEE extension */
48 #define TEE_MAIN_ALGO_SHAKE256 0xC4 /* OP-TEE extension */
126 * SHA512 digest if we were to apply the bit masks that were valid up to the TEE
267 * See TEE Internal API specificaion v1.0 table 6-12 "Partial Structure of
/optee_os/ta/pkcs11/src/
H A Dpkcs11_helpers.h20 * TEE invocation parameter#0 is an in/out buffer of at least 32bit
25 /* GPD TEE to PKCS11 status conversion */
61 /* Convert PKCS11 TA function ID into a TEE crypto operation mode */
64 /* Load TEE operation attributes from a PKCS11 object, return false on error */
69 /* Hash and load TEE operation attributes from a PKCS11 object */
/optee_os/core/pta/
H A Ddevice.c7 * This pseudo TA is used by normal world OS TEE driver to fetch pseudo TA's
8 * UUIDs which can act as TEE bus devices.
18 #include <tee/tee_fs.h>
19 #include <tee/uuid.h>
93 * enabled when the kernel does not support OP-TEE RPMB operations. in invoke_command()
/optee_os/core/tee/
H A Dtee_obj.c9 #include <tee/tee_fs.h>
10 #include <tee/tee_obj.h>
11 #include <tee/tee_pobj.h>
12 #include <tee/tee_svc_cryp.h>
H A Dtee_svc.c23 #include <tee/tee_cryp_utl.h>
24 #include <tee/tee_svc.h>
69 * and on the TEE Trusted Storage for the storage of origins (default).
70 * 1000: Persistent time based on a TEE-controlled real-time clock
71 * and the TEE Trusted Storage.
87 * 1000: Antirollback TEE-controlled hardware
300 .name = "gpd.tee.apiversion",
306 .name = "gpd.tee.description",
311 .name = "gpd.tee.deviceID",
316 .name = "gpd.tee.systemTime.protectionLevel",
[all …]
/optee_os/core/arch/arm/include/sm/
H A Doptee_smc.h11 * This file is exported by OP-TEE and is in kept in sync between secure
390 * OP-TEE in secure world is in charge of the release process of secondary
391 * cores. The Rich OS issue the this request to ask OP-TEE to boot up the
392 * secondary cores, go through the OP-TEE per-core initialization, and then
421 * Inform OP-TEE about a new virtual machine
424 * OP-TEE records client id of new virtual machine and prepares
425 * to receive requests from it. This call is available only if OP-TEE
440 * a0 OPTEE_SMC_RETURN_ENOTAVAIL OP-TEE have no resources for
450 * Inform OP-TEE about shutdown of a virtual machine
453 * OP-TEE will clean up all resources associated with this VM. This call is
[all …]
/optee_os/core/arch/riscv/include/mm/
H A Dgeneric_ram_layout.h37 * TEE_RAM_START TEE core RAM physical base address
38 * TEE_RAM_VA_SIZE TEE core virtual memory address range size
39 * TEE_RAM_PH_SIZE TEE core physical RAM byte size
63 * TEE RAM layout without CFG_WITH_PAGER
66 * | TEE core secure RAM (TEE_RAM) |
78 * TEE RAM layout with CFG_WITH_PAGER=y and undefined CFG_TDSRAM_START/_SIZE
81 * | TEE core secure RAM (TEE_RAM) | | | CFG_CORE_TDSRAM_EMUL_SIZE
96 * TEE RAM layout with CFG_WITH_PAGER=y and define CFG_TDSRAM_START/_SIZE
99 * | TEE core secure RAM (TEE_RAM) | | CFG_TDSRAM_SIZE
/optee_os/core/arch/arm/include/mm/
H A Dgeneric_ram_layout.h36 * TEE_RAM_START TEE core RAM physical base address
37 * TEE_RAM_VA_SIZE TEE core virtual memory address range size
38 * TEE_RAM_PH_SIZE TEE core physical RAM byte size
62 * TEE RAM layout without CFG_WITH_PAGER
65 * | TEE core secure RAM (TEE_RAM) |
77 * TEE RAM layout with CFG_WITH_PAGER=y and undefined CFG_TZSRAM_START/_SIZE
80 * | TEE core secure RAM (TEE_RAM) | | | CFG_CORE_TZSRAM_EMUL_SIZE
95 * TEE RAM layout with CFG_WITH_PAGER=y and define CFG_TZSRAM_START/_SIZE
98 * | TEE core secure RAM (TEE_RAM) | | CFG_TZSRAM_SIZE
/optee_os/core/arch/riscv/include/tee/
H A Doptee_abi.h380 * OP-TEE in secure world is in charge of the release process of secondary
381 * cores. The Rich OS issue the this request to ask OP-TEE to boot up the
382 * secondary cores, go through the OP-TEE per-core initialization, and then
411 * Inform OP-TEE about a new virtual machine
414 * OP-TEE records client id of new virtual machine and prepares
415 * to receive requests from it. This call is available only if OP-TEE
430 * a0 OPTEE_ABI_RETURN_ENOTAVAIL OP-TEE have no resources for
440 * Inform OP-TEE about shutdown of a virtual machine
443 * OP-TEE will clean up all resources associated with this VM. This call is
444 * available only if OP-TEE was built with virtualization support.
[all …]
/optee_os/ta/pkcs11/include/
H A Dpkcs11_ta.h29 * For evolution of the TA API and to not mess with the GPD TEE 4 parameters
31 * the GPD TEE invocation parameter types.
479 * PKCS11_CMD_GET_OBJECT_SIZE - Get byte size used by object in the TEE
887 * TEE Identity based authentication for tokens
889 * When configuration CFG_PKCS11_TA_AUTH_TEE_IDENTITY is enabled TEE Identity
896 * - If the PIN is empty (or NULL_PTR) then active client TEE Identity will be
897 * used as SO TEE Identity
900 * Once TEE Identity based authentication is activated following operational
904 * client TEE Identity will be used
910 * To switch the authentication mode from PIN to TEE Identity:
[all …]
/optee_os/core/arch/arm/plat-hisilicon/
H A Dconf.mk37 # TEE RAM: 4 MiB (TEE_RAM_VA_SIZE) | TZDRAM
43 # TEE RAM: 448 KiB (TZSRAM_SIZE) | TZSRAM
45 # OP-TEE Future Use: 2 MiB

12345678910>>...14