Porting OP-TEE over imx6ULL board

cancel
Showing results for 
Search instead for 
Did you mean: 

Porting OP-TEE over imx6ULL board

1,854 Views
NebulaDev16
Contributor I

We have been exploring the option to bring-up OP-TEE over imx6ULL board and we were going through the i.MX Porting Guide Section 5.3 OP-TEE booting flow. It is mentioned there that  :

U-Boot binary specific to boot OP- TEE Only booting from the SD card is supported for TEE.

As we are currently using emmc to program the images, is that a limitation for u-boot-imx*_sd_optee.imx to boot up from SD card only.

Also does High Assurance Boot(HAB) is dependent on OP-TEE in any way?

Thanks for the help !

Labels (1)
0 Kudos
5 Replies

1,832 Views
Juan-Rodarte
NXP Employee
NXP Employee

Hi,

The HAB does not depend on OPTEE, it is executed previously to authenticate the images.
You can review application note 4581 for more detailed information.

https://www.nxp.com/webapp/Download?colCode=AN4581&location=null

Best regards,

Diego

0 Kudos

1,817 Views
NebulaDev16
Contributor I

Hi Diego,

Thanks for the reply,

By your answer, Can we conclude that HAB is also not dependent or related to Trusted Firmware -A(TF-A) provided by ARM?

We have few more questions:

1. Can you also please share the secure storage options which can be used by iMX6ULL to store confidential information for enhanced security. We know about e-fuses, but does it support RPMB in eMMC as well? Also do we have any references to software TPM like fTPM fulfilling the purpose.

2. Also for imx6ULL ,Has TF-A has been ported in the past? If yes, please provide reference document or links around it.

Thanks for your help in advance.

@Juan-Rodarte @igorpadykov 

0 Kudos

1,796 Views
Juan-Rodarte
NXP Employee
NXP Employee

Hello,

1. I share the documentation for secure storage where the RPMB filesystem is also mentioned:
https://optee.readthedocs.io/en/latest/architecture/secure_storage.html?highlight=rpmb#rpmb-secure-s...

2. According to the documentation, it has not been ported to i.MX 6, only to 7 and 8.
https://trustedfirmware-a.readthedocs.io/en/latest/plat/index.html

Best Regards,

Diego

0 Kudos

1,789 Views
vikas1
Contributor I

Hi @Juan-Rodarte 

Thanks for providing the information's around TFA and RPMB.

Can you please provides your thoughts around below question:

We have been exploring the option to bring-up OP-TEE over imx6ULL board and we were going through the i.MX Porting Guide Section 5.3 OP-TEE booting flow. It is mentioned there that  :

U-Boot binary specific to boot OP- TEE Only booting from the SD card is supported for TEE.

As we are currently using emmc to program the images, is that a limitation for u-boot-imx*_sd_optee.imx to boot up from SD card only.

Quick response is appreciated.

 

Regards,

Vikas

 

0 Kudos

1,848 Views
NebulaDev16
Contributor I

I am also looking for this document Security Reference Manual for the i.MX 6ULL Applications Processor.

Quick help is appreciated here.

0 Kudos