FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

IMX8M Nano: ARM TZ Secure Storage compatibility between NXP 4.14.98_2.3.1 and 5.4.47_2.2.0 releases

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IMX8M Nano: ARM TZ Secure Storage compatibility between NXP 4.14.98_2.3.1 and 5.4.47_2.2.0 releases

‎02-02-2021 12:16 PM
737 Views
sergei_p
Contributor III

Hello

We have a compatibility problem when accessing objects in ARM TZ Secure Storage created with the 4.14.98_2.3.1-based BSP, after updating to 5.4.47_2.2.0-based BSP.

Our board is a custom design based on i.MX 8M Nano SOC. Initially, we ported NXP 4.14.98_2.3.1 to the board, including the use of the optee ARM TZ Secure Storage.

Now, we updated our BSP to NXP 5.4.47_2.2.0. When we are booting the board with the new images, we cannot access the objects in the TrustedZone Secure Storage anymore:

...
E/LD: init_elf:438 sys_open_ta_bin(f4e750bb-1437-4fbf-8785-8d3580c34995)
E/TC:? 0 init_with_ldelf:232 ldelf failed with res: 0xf0100001
E/TC:? 0 tee_ta_open_session:728 Failed. Return error 0xf0100001
...

Definitely, optee-os and optee-client versions changed between the releases, however are the errors above expected? How could we access the objects created with 4.14.98 BSP after the update?

Any thoughts will be appreciated.

Labels (1)
0 Kudos
Reply
2 Replies

‎02-10-2021 10:57 AM
713 Views
sergei_p
Contributor III

Thanks Igor. All the above (and other) components used by our BSPs matches the respective versions of the NXP BSPs 4.14.98 and 5.4.47.

To remind, the problem is that the object in the Secure Storage (/data/tee) created by the 4.14.98 BSP are no longer accessible after updating to 5.4.47 BSP.

In 4.14.98, optee-os version is 37f4865cd3a4d22c of the imx_4.14.98_2.1.0 branch, by the recipe name optee-os-imx_git.bb it's some work-in-progress version.

I 5.4.47, optee-os version is b3914e547eaf906 of the imx_5.4.47_2.2.0 branch, by the recipe name optee-os_3.10.0.imx.bb I could tell it's of the 3.1.0 version.

Do you have any insight on the future updates of the optee-os package, will they be compatible with 3.10.0 regarding the objects in /data/tee?

Thanks!

0 Kudos
Reply