Hi,

We are using our own soc (which is provided by our company only). It also supports security extensions. But vault ip support is not there.

Thanks

From: Volodymyr Babchuk
Sent: Friday, October 7, 4:31 PM
Subject: Re: [Tee-dev] OPtee Porting.
To: Siva Krishna Reddy Yaramala
Cc: tee-dev@lists.linaro.org

Siva, GIC is not needed at all for basic op-tee porting. Later. when you'll start writing drivers for secure HW you may need to work with GIC. All you need is a serial console driver, and you need it only for debugging purposes. So if you can debug op-tee in other way, you don't need even the serial console. You can start from ARM Technical Reference Manual which is available there: http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0406c/index.html You will need to register at ARM.com but this is free. Refer to sections describing Security Extensions. You need to familiarize yourself with execution modes in general and Secure Monitor Mode in particular. By the way, are you sure that your chip supports this extensions? But this documentations is about armv7 architecture itself. The way how op-tee (or any other TEE) is loaded into memory and then executed is heavily dependent on vendor-specific ROM code. So you will need to contact vendor of your chip for the details. Or at least check a TRM (datasheet) for your chip regading boot sequence. There should be a way to execute your code in Secure Monitor Mode. And one more thing. Most of the mailing lists allow only plain text e-mails (contrary to Rich Text or HTML emails). I suppose that tee-dev is one of such lists. So it will be great if you'll configure your e-mail client to write e-mails in plain text format. On 7 October 2016 at 07:57, Siva Krishna Reddy Yaramala wrote: > > Thanks for your reply vlad. > > > Our processor is arm cortex A5. It supports armv7-A instruction > set.According to you , we don't need to bother about trusted firmware. > > And we are not using standard arm gic interrupt controller , we are using > custom interrupt controller. > > > How much porting effort should be there as we are not using gic? > > Can you please suggest me any reference for cortex A5(armvV7a) for > understanding. > > > > > Thanks. > > ________________________________ > From: Volodymyr Babchuk > Sent: Thursday, October 6, 2016 7:04:45 PM > To: Siva Krishna Reddy Yaramala > Cc: tee-dev@lists.linaro.org > Subject: Re: [Tee-dev] OPtee Porting. > > Hi Siva, > > On 6 October 2016 at 15:03, Siva Krishna Reddy Yaramala > wrote: > >> Is arm-trusted firmware really required in the optee bringup? > arm trusted firmware is a standard component on ARMv8 architecture. It > is unavailable on ARMv7. On ARMv7 OP-TEE works as standalone secure > monitor (without ARM TF). > Technically you can throw away ARM TF on ARMv8 and use OP-TEE in > standalone mode. You will need some changes in optee in this case. > AFAIK no one did this before. > >> Can we boot optee directly from u-boot without arm-trusted firmware? > Usually op-tee boots before u-boot. But it is platform dependent. If > u-boot on your platform boots in EL3 (secure monitor) mode, then, yes, > you can boot optee from u-boot. > But usually u-boot operates in EL1 (supervisor) mode, so it is too > late to boot up op-tee. Also, in case of booting optee from u-boot you > need to develop a way to return back to u-boot to boot linux kernel. > >> Is there any specific hardware requirements to run optee? > Processor core need to support ARM Security Extensions. This is only > one hardware requirement. > > ______________________________________________________________________ > This email has been scanned by the Symantec Email Security.cloud service. > For more information please visit http://www.symanteccloud.com > ______________________________________________________________________ -- WBR Volodymyr Babchuk aka lorc [+380976646013] mailto: vlad.babchuk@gmail.com ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________