IMX8 OPTEE

From Variscite Wiki
Warning: This page is designed to be used with a 'release' URL parameter.

This page is using the default release mx8mp-yocto-kirkstone-5.15-2.0.x-v1.0.
To view this page for a specific Variscite SoM and software release, please follow these steps:

  1. Visit variwiki.com
  2. Select your SoM
  3. Select the software release
DART-MX8M-PLUS OPTEE

OP-TEE Introduction

NXP i.MX Platforms support the use of Open Portable Trusted Execution Environment (OP-TEE).

OP-TEE is designed primarily to rely on the Arm TrustZone technology as the underlying hardware isolation mechanism. However, it has been structured to be compatible with any isolation technology suitable for the TEE concept and goals, such as running as a virtual machine or on a dedicated CPU.

The main design goals for OP-TEE are:

  • Isolation - the TEE provides isolation from the non-secure OS and protects the loaded Trusted Applications (TAs) from each other using underlying hardware support.
  • Small footprint - the TEE should remain small enough to reside in a reasonable amount of on-chip memory as found on Arm based systems.
  • Portability - the TEE aims at being easily pluggable to different architectures and available HW and has to support various setups such as multiple client OSes or multiple TEEs.

For more information, please see the following resources from NXP:

Enable OP-TEE with Yocto

To enable OP-TEE, add the following to conf/local.conf: 

MACHINE_FEATURES:append = " optee"
DISTRO_FEATURES:append = " optee"
IMAGE_INSTALL:append = " optee-os optee-test"

Then, rebuild the Yocto image and test OP-TEE using the xtest utility.

For more information about how to rebuild the Yocto, follow the steps here: Build Yocto from source code.

OP-TEE Memory Configuration

The DRAM memory size is hardcoded in optee-os and needs to be updated according to the memory configuration of your SoM.

The DRAM size is configured by the variable TEE_CFG_DDR_SIZE, which is initialized in https://github.com/varigit/meta-variscite-bsp/blob/kirkstone/conf/machine/imx8mp-var-dart.conf and may be updated directly or overidden in conf/local.conf.


For example, override TEE_CFG_DDR_SIZE to 4GB: 

TEE_CFG_DDR_SIZE = "0x100000000"
Retrieved from "https://variwiki.com/index.php?title=IMX8_OPTEE&oldid=22461"
Latest Modules
Support
Variscite Support Center
Contact Support
Product Longevity
Product Compliance Policy
Blog
Variscite Training
Variscite Website
This page was last edited on 3 April 2023, at 15:17.

© 2024 Variscite. All rights reserved