Eventlog Parsing and PCR Extension in TPM in OP-TEE
Stabilized RockPi4 with OP-TEE
Optimize private shared memory in Linux kernel driver
OP-TEE is an open source Trusted Execution Environment (TEE) leveraging the Arm TrustZone technology. It provides a reference implementation of secure world software for Armv7-A and Armv8-A class processors. Since the TEE is a core component in the Arm ecosystem, it is used in a lot of different use cases and has been deployed in mobile phones, tablets, cameras, set-top boxes etc.
Linaro has a long track record of working with TrustZone and Trusted Execution Environments (TEE). Back in 2013 Linaro, together with STMicroelectronics, started working on preparing STMicroelectronics proprietary TEE solution for Open Source. A couple of months later OP-TEE was published and since then Linaro has been a key contributor both in terms of pushing new features as well as doing roadmap planning, maintenance, release work, vulnerability assessment and mitigation of security issues.
In 2019, OP-TEE was donated to Trusted Firmware, a Linaro Community Project. Linaro is still responsible for driving the roadmap for OP-TEE in sync with the members of Linaro as well as with theTrustedFirmware.orgproject. We employ several core maintainers for the OP-TEE project as well as maintainers for the TEE framework in the Linux kernel and U-Boot.
The current focus areas of the project include :
Work with Arm to ensure that OP-TEE works with newer architectures as well as supports older architectures.
Make OP-TEE compatible with FF-A specification. Prepare it so that it can be used in environments with Secure Partitions enabled.
Support technologies which matter to members eg PKCS#11, SCMI Server, Widevine, Keymaster and Gatekeeper TA’s (AOSP) and StMM
Our preference is to use GitHub for communication. We encourage people to use the “issues” to reportbugs, give suggestions, ask questions etc.
Please try to use the “issues” in the relevant git. I.e., if you want to discuss something related to optee_client, then use “issues” atoptee_clientand so on. If you have a general question etc about OP-TEE that doesn’t really belong to a specific git, then please useissues at optee_osin that case.