Skip to content

Latest commit

 

History

History
180 lines (118 loc) · 5.85 KB

CHANGELOG.md

File metadata and controls

180 lines (118 loc) · 5.85 KB

OP-TEE - version 0.3.0

New features

  • Add hardware support for
    • Mediatek MT8173 Board, ARMv8-A (plat-mediatek)
    • Hisilicon HiKey Board, ARMv8-A (plat-hikey)
  • AArch64 build of optee_os is now possible through the configuration CFG_ARM64_core=y
  • Secure Storage: Data can be encrypted prior to their storage in the non-secure. Build is configured using CFG_ENC_FS=y
  • A generic boot scheme can be used. Boot configuration is commonalized. This helps new board support. It is applied on plat-hikey, plat-vexpress, plat-mediatek, plat-stm and plat-vexpress.

Tested on

Definitions:

Type Meaning
Standard tests The optee_test project.
Extended tests optee_test with tests from the GlobalPlatform™ TEE Initial Configuration Test Suite v1.1.0.4.
Hello world test Plain hello world Trusted Application such as this.
  • ARM Juno Board (vexpress-juno), standard tests.
  • Foundation Models (vexpress-fvp), standard tests.
  • HiKey (hikey), standard tests.
  • MT8173 (mediatek), standard tests.
  • QEMU (vexpress-qemu), standard + extended tests.
  • STM Cannes (stm-cannes), standard + extended tests.

OP-TEE - version 0.2.0

New features

Linux Driver Refactoring

Linux Driver has been refactored. It is now split in two parts:

  • optee.ko, the generic Linux driver. It contains all functionality common to all backends.
  • optee_armtz.ko, a specific backend dedicated to the TrustZone optee. It depends on optee.ko.

Loading the TrustZone optee linux driver module is now performed using

modprobe optee_armtz

Thanks to the dependency between the generic and the backend modules, optee.ko is then automatically loaded.

Misc new features

  • support PL310 lock down at TEE boot
  • add 64bits support (division / print)

Tested on

Definitions:

Type Meaning
Standard tests The optee_test project.
Extended tests optee_test with tests from the GlobalPlatform™ TEE Initial Configuration Test Suite v1.1.0.4.
Hello world test Plain hello world Trusted Application such as this.

  • ARM Juno Board (vexpress-juno), standard tests + extended tests.

  • Foundation Models (vexpress-fvp), standard + extended tests.

  • QEMU (vexpress-qemu), standard + extended tests.

  • STM Cannes (stm-cannes), standard + extended tests.

## Issues resolved since last release

  • Fix user TA trace issue, in order each TA is able to select its own trace level

#OP-TEE - version 0.1.0

New features

Below is a summary of the most important features added, but at the end you will find a link that present you all commits between the current and previous release tag.

  • GlobalPlatform Client API v1.0 support.

  • GlobalPlatform Internal API v1.0 support.

  • GlobalPlatform Secure Elements v1.0 support.

  • Add hardware support for

    • Allwinner A80, ARMv7-A.

    • ARM Juno Board, ARMv8-A.

    • Foundation Models, ARMv8-A.

    • Fast Models, ARMv8-A.

    • QEMU, ARMv7-A.

    • STM Cannes, ARMv7-A.

    • STM Orly2, ARMv7-A.

  • Add LibTomCrypt as the default software cryptographic library.

  • Add cryptographic abstraction layer in on secure side to ease the use of other cryptographic software libraries or adding support for hardware acceleration.

  • Extended cryptographic API with support for HKDF, Concat KDF and PBKDF2.

  • SHA-1 and SHA-256 ARMv8-A crypto extension implementation.

  • Enabled paging support in OP-TEE OS.

  • Add support for xtest (both standard and extended) in QEMU and FVP setup scripts.

  • Add documentation for the OS design, cryptographic abstraction layer, secure elements design, the build system, GitHub usage, key derivation extensions, ARM-Trusted Firmware usage within OP-TEE and GlobalPlatform usage within OP-TEE.

  • Integrate support for Travis CI.

  • Link to a list of all commits between this and previous release.

Tested on

Definitions:

Type Meaning
Standard tests The optee_test project.
Extended tests optee_test with tests from the GlobalPlatform™ TEE Initial Configuration Test Suite v1.0.0.
Hello world test Plain hello world Trusted Application such as this.

  • Allwinner A80 (plat-sunxi), hello world test.

  • ARM Juno Board (vexpress-juno), standard tests.

  • Foundation Models (plat-vexpress-fvp), standard + extended tests

  • QEMU (plat-vexpress-qemu), standard + extended tests (and Secure Elements tested separately).

  • STM Cannes (plat-stm-cannes), standard + extended tests.

## Issues resolved since last release N/A since this is the first release tag on OP-TEE.

Known issues

  • Storage is implemented, but not "Secure storage", meaning that a client needs to do encrypt files on their own before storing the files.

  • Issue(s) open on GitHub

    • #95: An error about building the test code of libtomcrypt.

    • #149: when testing optee os with arm trusted firmware (I utilized optee os tee.bin as bl32 image) on juno platform, I got an error.

    • #161: tee_svc_cryp.c lacks accessibility checks on user-supplied TEE_Attributes.

  • Global Platform Device Internal Core API v1.1
    • [#230][pr230]: Persistent object corruption support (TEE_ERROR_CORRUPT_OBJECT/_2)
    • [#230][pr230]: Persistent object access support (TEE_ERROR_STORAGE_NOT_AVAILABLE/_2)