AnsweredAssumed Answered

Handling OpTEE binary header with Arm Trusted Firmware on iMX8M

Question asked by Neil Shipp on Sep 27, 2018
Latest reply on Nov 26, 2018 by Neil Shipp

I'm attempting to load OpTEE on the MCIMX8MEVK board and am having an issue with the image loading. 


The build process for OpTEE on produces a tee.bin with a 24 byte header, and two more files tee-pager.bin and a zero length tee-pageable.bin.  The mkimage build process on looks for a tee.bin and puts it into the fit unchanged. Finally the opteed_setup code in assumes that there's no header and uses the binary as is.  This results in the processor attempting to execute the header block.


I can resolve this by using the tee-pager.bin file as the input to mkimage, but this throws away the header information. And will cause problems if data is moved into the tee-pageable.bin file. The change to handle this header has been available since 2014 in the Linaro-SecureWorkingGroup tree,  which checks for the header and shifts the memory region.  In NXP's there is code that reads the OpTEE header, but it is only used by arm_bl2_setup.c which isn't built using the current yocto recipes.


I'm wondering it is NXP's plan to merge this change to the ATF opteed SPD, or to what their recommendation is for using OpTEE on imx8m?