1*f5117af2SPascal Brand# OP-TEE - version 0.2.0 2759cc499SJoakim Bech 3*f5117af2SPascal Brand## New features 4*f5117af2SPascal Brand 5*f5117af2SPascal Brand### Linux Driver Refactoring 6*f5117af2SPascal Brand 7*f5117af2SPascal BrandLinux Driver has been refactored. It is now split in two parts: 8*f5117af2SPascal Brand* optee.ko, the generic Linux driver. It contains all functionality 9*f5117af2SPascal Brand common to all backends. 10*f5117af2SPascal Brand* optee_armtz.ko, a specific backend dedicated to the TrustZone optee. 11*f5117af2SPascal Brand It depends on optee.ko. 12*f5117af2SPascal Brand 13*f5117af2SPascal BrandLoading the TrustZone optee linux driver module is now performed using 14*f5117af2SPascal Brand 15*f5117af2SPascal Brand modprobe optee_armtz 16*f5117af2SPascal Brand 17*f5117af2SPascal BrandThanks to the dependency between the generic and the backend modules, optee.ko is then automatically loaded. 18*f5117af2SPascal Brand 19*f5117af2SPascal Brand### Misc new features 20*f5117af2SPascal Brand* support PL310 lock down at TEE boot 21*f5117af2SPascal Brand* add 64bits support (division / print) 22*f5117af2SPascal Brand 23*f5117af2SPascal Brand## Tested on 24*f5117af2SPascal BrandDefinitions: 25*f5117af2SPascal Brand 26*f5117af2SPascal Brand| Type | Meaning | 27*f5117af2SPascal Brand| ---- | ------- | 28*f5117af2SPascal Brand| Standard tests | The optee_test project. | 29*f5117af2SPascal Brand| Extended tests | optee_test with tests from the GlobalPlatform™ TEE Initial Configuration Test Suite v1.1.0.4. | 30*f5117af2SPascal Brand| Hello world test | Plain hello world Trusted Application such as [this][hello_world]. | 31*f5117af2SPascal Brand 32*f5117af2SPascal Brand* ARM Juno Board (vexpress-juno), standard tests + extended tests. 33*f5117af2SPascal Brand 34*f5117af2SPascal Brand* Foundation Models (vexpress-fvp), standard + extended tests. 35*f5117af2SPascal Brand 36*f5117af2SPascal Brand* QEMU (vexpress-qemu), standard + extended tests. 37*f5117af2SPascal Brand 38*f5117af2SPascal Brand* STM Cannes (stm-cannes), standard + extended tests. 39*f5117af2SPascal Brand 40*f5117af2SPascal Brand 41*f5117af2SPascal Brand## Issues resolved since last release 42*f5117af2SPascal Brand* Fix user TA trace issue, in order each TA is able to select its own trace level 43*f5117af2SPascal Brand 44*f5117af2SPascal Brand 45*f5117af2SPascal Brand------------------------------------------- 46*f5117af2SPascal Brand#OP-TEE - version 0.1.0 47*f5117af2SPascal Brand 48*f5117af2SPascal Brand## New features 49759cc499SJoakim BechBelow is a summary of the most important features added, but at the end you will 50759cc499SJoakim Bechfind a link that present you all commits between the current and previous 51759cc499SJoakim Bechrelease tag. 52759cc499SJoakim Bech 53759cc499SJoakim Bech* GlobalPlatform Client API v1.0 support. 54759cc499SJoakim Bech 55759cc499SJoakim Bech* GlobalPlatform Internal API v1.0 support. 56759cc499SJoakim Bech 57759cc499SJoakim Bech* GlobalPlatform Secure Elements v1.0 support. 58759cc499SJoakim Bech 59759cc499SJoakim Bech* Add hardware support for 60759cc499SJoakim Bech 61759cc499SJoakim Bech * Allwinner A80, ARMv7-A. 62759cc499SJoakim Bech 63759cc499SJoakim Bech * ARM Juno Board, ARMv8-A. 64759cc499SJoakim Bech 65759cc499SJoakim Bech * Foundation Models, ARMv8-A. 66759cc499SJoakim Bech 67759cc499SJoakim Bech * Fast Models, ARMv8-A. 68759cc499SJoakim Bech 69759cc499SJoakim Bech * QEMU, ARMv7-A. 70759cc499SJoakim Bech 71759cc499SJoakim Bech * STM Cannes, ARMv7-A. 72759cc499SJoakim Bech 73759cc499SJoakim Bech * STM Orly2, ARMv7-A. 74759cc499SJoakim Bech 75759cc499SJoakim Bech* Add LibTomCrypt as the default software cryptographic library. 76759cc499SJoakim Bech 77759cc499SJoakim Bech* Add cryptographic abstraction layer in on secure side to ease the use of 78759cc499SJoakim Bech other cryptographic software libraries or adding support for hardware 79759cc499SJoakim Bech acceleration. 80759cc499SJoakim Bech 81759cc499SJoakim Bech* Extended cryptographic API with support for HKDF, Concat KDF and PBKDF2. 82759cc499SJoakim Bech 83759cc499SJoakim Bech* SHA-1 and SHA-256 ARMv8-A crypto extension implementation. 84759cc499SJoakim Bech 85759cc499SJoakim Bech* Enabled paging support in OP-TEE OS. 86759cc499SJoakim Bech 87759cc499SJoakim Bech* Add support for xtest (both standard and extended) in QEMU and FVP setup 88759cc499SJoakim Bech scripts. 89759cc499SJoakim Bech 90759cc499SJoakim Bech* Add documentation for the OS design, cryptographic abstraction layer, secure 91759cc499SJoakim Bech elements design, the build system, GitHub usage, key derivation extensions, 92759cc499SJoakim Bech ARM-Trusted Firmware usage within OP-TEE and GlobalPlatform usage within 93759cc499SJoakim Bech OP-TEE. 94759cc499SJoakim Bech 95759cc499SJoakim Bech* Integrate support for Travis CI. 96759cc499SJoakim Bech 97759cc499SJoakim Bech* [Link][github_commits_0_1_0] to a list of all commits between this and 98759cc499SJoakim Bech previous release. 99759cc499SJoakim Bech 100759cc499SJoakim Bech 101*f5117af2SPascal Brand## Tested on 102759cc499SJoakim BechDefinitions: 103759cc499SJoakim Bech 104759cc499SJoakim Bech| Type | Meaning | 105759cc499SJoakim Bech| ---- | ------- | 106759cc499SJoakim Bech| Standard tests | The optee_test project. | 107759cc499SJoakim Bech| Extended tests | optee_test with tests from the GlobalPlatform™ TEE Initial Configuration Test Suite v1.0.0. | 108759cc499SJoakim Bech| Hello world test | Plain hello world Trusted Application such as [this][hello_world]. | 109759cc499SJoakim Bech 110759cc499SJoakim Bech* Allwinner A80 (plat-sunxi), hello world test. 111759cc499SJoakim Bech 112759cc499SJoakim Bech* ARM Juno Board (vexpress-juno), standard tests. 113759cc499SJoakim Bech 114759cc499SJoakim Bech* Foundation Models (plat-vexpress-fvp), standard + extended tests 115759cc499SJoakim Bech 116759cc499SJoakim Bech* QEMU (plat-vexpress-qemu), standard + extended tests (and Secure Elements 117759cc499SJoakim Bech tested separately). 118759cc499SJoakim Bech 119759cc499SJoakim Bech* STM Cannes (plat-stm-cannes), standard + extended tests. 120759cc499SJoakim Bech 121759cc499SJoakim Bech 122*f5117af2SPascal Brand## Issues resolved since last release 123759cc499SJoakim BechN/A since this is the first release tag on OP-TEE. 124759cc499SJoakim Bech 125759cc499SJoakim Bech 126*f5117af2SPascal Brand## Known issues 127759cc499SJoakim Bech* Storage is implemented, but not "Secure storage", meaning that a client 128759cc499SJoakim Bech needs to do encrypt files on their own before storing the files. 129759cc499SJoakim Bech 130759cc499SJoakim Bech* Issue(s) open on GitHub 131759cc499SJoakim Bech * [#95][pr95]: An error about building the test code of libtomcrypt. 132759cc499SJoakim Bech 133759cc499SJoakim Bech * [#149][pr149]: when testing optee os with arm trusted firmware (I 134759cc499SJoakim Bech utilized optee os tee.bin as bl32 image) on juno platform, I got an 135759cc499SJoakim Bech error. 136759cc499SJoakim Bech 137759cc499SJoakim Bech * [#161][pr161]: tee_svc_cryp.c lacks accessibility checks on 138759cc499SJoakim Bech user-supplied TEE_Attributes. 139759cc499SJoakim Bech 140759cc499SJoakim Bech[hello_world]: https://github.com/jenswi-linaro/lcu14_optee_hello_world 141759cc499SJoakim Bech[github_commits_0_1_0]: https://github.com/OP-TEE/optee_os/compare/b01047730e77127c23a36591643eeb8bb0487d68...999e4a6c0f64d3177fd3d0db234107b6fb860884 142759cc499SJoakim Bech[pr95]: https://github.com/OP-TEE/optee_os/issues/95 143759cc499SJoakim Bech[pr149]: https://github.com/OP-TEE/optee_os/issues/149 144759cc499SJoakim Bech[pr161]: https://github.com/OP-TEE/optee_os/issues/161 145759cc499SJoakim Bech 146