STM32 MPU OP-TEE overview

Revision as of 10:36, 29 March 2024 by Registered User (Created page with "==Overview of the OP-TEE open source project== [[File: OpenSTLinux architecture overview.png|link=OpenSTLinux architecture overview|thumb|Zoom out to OpenSTLinux distribution]...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

1. Overview of the OP-TEE open source project[edit source]

Zoom out to OpenSTLinux distribution

OP-TEE allows the development and integration of secure services and applications under trusted execution environments, that is execution environments isolated from the Linux® -based OS.

Description extracted from the OP-TEE site[1]:

"OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. OP-TEE implements TEE Internal Core API v1.1.x which is the API exposed to Trusted Applications and the TEE Client API v1.0, which is the API describing how to communicate with a TEE. Those APIs are defined in the GlobalPlatform API specifications."
Warning white.png Warning
In STM32MP software deliveries, OP-TEE allow to implement trusted service and is also used a resource manager for resources that a under secure world control as per STM32MP chip design. Platform can configure OP-TEE to only act as resource manager or to act as both a resource manager and a trusted service provider. Refer to How to configure OP-TEE article for configuring information.

OP-TEE is delivered under a BSD style license and can run secure (trusted) applications, named TAs, without restriction on their licensing model.

The OP-TEE project is maintained by the Linaro Security Working Group.

  • OP-TEE official site[1]
  • OP-TEE source repositories [2][3][4]
  • OP-TEE documentation[5]

GlobalPlatform Device TEE specifications (TEE Client API, TEE Internal Core API and few more) are available from the GlobalPlatform site[6].

2. OP-TEE roles in OSTL[edit source]

3. OP-TEE profiles[edit source]

No categories assignedEdit