Skip to content
No description, website, or topics provided.
C Assembly Makefile Python Shell C++
Branch: master
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
core Updated console messages for FB, GPIO, and GPIOKeypad drivers Jul 1, 2018
documentation documentation: fix secure storage description Jun 9, 2017
eval Initial release of the SeCloak secure kernel Jul 1, 2018
keys TA as ELF + signature Sep 9, 2015
lib/libutils Initial release of the SeCloak secure kernel Jul 1, 2018
scripts core: avoid incremental linking with -gc May 29, 2017
support Added additional supporting files for running SeCloak Jul 2, 2019
tiles Initial release of the SeCloak secure kernel Jul 1, 2018
.gitignore Open-source the TEE Core Jun 12, 2014
.travis.yml Remove CFG_SMALL_PAGE_USER_TA=n May 30, 2017
LICENSE plat-ti: Add AM43xx platform flavor Apr 19, 2017
Makefile Initial release of the SeCloak secure kernel Jul 1, 2018 improve description of the sign-off tag May 19, 2017 doc: add TI AM57xx to supported platforms May 19, 2017 Initial release of the SeCloak secure kernel Jul 1, 2018
typedefs.checkpatch Take some GP types into account when running patch check tool May 10, 2017

OP-TEE Trusted OS


  1. Introduction
  2. License
  3. Platforms supported
  4. Get and build OP-TEE software
  5. Coding standards 5. checkpatch

1. Introduction

The optee_os git, contains the source code for the TEE in Linux using the ARM® TrustZone® technology. This component meets the GlobalPlatform TEE System Architecture specification. It also provides the TEE Internal core API v1.1 as defined by the GlobalPlatform TEE Standard for the development of Trusted Applications. For a general overview of OP-TEE and to find out how to contribute, please see the file.

The Trusted OS is accessible from the Rich OS (Linux) using the GlobalPlatform TEE Client API Specification v1.0, which also is used to trigger secure execution of applications within the TEE.

2. License

The software is distributed mostly under the BSD 2-Clause open source license, apart from some files in the optee_os/lib/libutils directory which are distributed under the BSD 3-Clause or public domain licenses.

3. Platforms supported

Several platforms are supported. In order to manage slight differences between platforms, a PLATFORM_FLAVOR flag has been introduced. The PLATFORM and PLATFORM_FLAVOR flags define the whole configuration for a chip the where the Trusted OS runs. Note that there is also a composite form which makes it possible to append PLATFORM_FLAVOR directly, by adding a dash in-between the names. The composite form is shown below for the different boards. For more specific details about build flags etc, please read the file Some platforms have different sub-maintainers, please refer to the file for contact details for various platforms.

Platform Composite PLATFORM flag Publicly available?
Allwinner A80 Board PLATFORM=sunxi No
ARM Juno Board PLATFORM=vexpress-juno Yes
FSL ls1021a PLATFORM=ls-ls1021atwr Yes
FSL i.MX6 Quad SABRE Lite Board PLATFORM=imx Yes
FSL i.MX6 Quad SABRE SD Board PLATFORM=imx Yes
FSL i.MX6 UltraLite EVK Board PLATFORM=imx Yes
ARM Foundation FVP PLATFORM=vexpress-fvp Yes
HiSilicon D02 PLATFORM=d02 No
HiKey Board (HiSilicon Kirin 620) PLATFORM=hikey Yes
MediaTek MT8173 EVB Board PLATFORM=mediatek-mt8173 No
QEMU PLATFORM=vexpress-qemu_virt Yes
QEMUv8 PLATFORM=vexpress-qemu_armv8a Yes
Raspberry Pi 3 PLATFORM=rpi3 Yes
Renesas RCAR PLATFORM=rcar No
STMicroelectronics b2260 - h410 (96boards fmt) PLATFORM=stm-b2260 No
STMicroelectronics b2120 - h310 / h410 PLATFORM=stm-cannes No
Texas Instruments DRA7xx PLATFORM=ti-dra7xx Yes
Texas Instruments AM57xx PLATFORM=ti-am57xx Yes
Texas Instruments AM43xx PLATFORM=ti-am43xx Yes
Xilinx Zynq 7000 ZC702 PLATFORM=zynq7k-zc702 Yes
Xilinx Zynq UltraScale+ MPSOC PLATFORM=zynqmp-zcu102 Yes
Spreadtrum SC9860 PLATFORM=sprd-sc9860 No

4. Get and build OP-TEE software

Please see build for instructions how to run OP-TEE on various devices.

5. Coding standards

In this project we are trying to adhere to the same coding convention as used in the Linux kernel (see CodingStyle). We achieve this by running checkpatch from Linux kernel. However there are a few exceptions that we had to make since the code also follows GlobalPlatform standards. The exceptions are as follows:

  • CamelCase for GlobalPlatform types are allowed.
  • And we also exclude checking third party code that we might use in this project, such as LibTomCrypt, MPA, newlib (not in this particular git, but those are also part of the complete TEE solution). The reason for excluding and not fixing third party code is because we would probably deviate too much from upstream and therefore it would be hard to rebase against those projects later on (and we don't expect that it is easy to convince other software projects to change coding style).

5.1 checkpatch

Since checkpatch is licensed under the terms of GNU GPL License Version 2, we cannot include this script directly into this project. Please use checkpatch directly from the Linux kernel git in combination with the local checkpatch script.

You can’t perform that action at this time.