FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

OP-TEE 3.17.0 makes board not booting anymore

Go to solution
syedelec
Associate III

‎2022-04-21 12:13 AM

Hi,

I am using an official STM32MP157C-DK2 board.

I tested to build OP-TEE 3.17.0 for stm32mp1 however the boot hangs.

I am building OP-TEE OS using:

make PLATFORM=stm32mp1 \
CROSS_COMPILE_core=arm-linux-gnueabihf- \
CROSS_COMPILE_ta_arm64=arm-linux-gnueabihf- \
CFG_ARM32_core=y \
CROSS_COMPILE_ta_arm32=arm-linux-gnueabihf- \
CFG_TEE_CORE_LOG_LEVEL=2 \
CFG_TEE_CORE_DEBUG=n \
CFG_EMBED_DTB_SOURCE_FILE=stm32mp157c-dk2.dts

The full image (st-image-core) I am using is based on meta-st-stm32mp and open-stlinux (dunfell branch)

The kernel is the one present in the meta layer: kernel (5.10.61)

I am aware that an existing version of OP-TEE is present in the build however it's from version 3.12.0.

I tried to build OP-TEE OS version 3.16.0 apart and include it in the final image and it works as expected.

I investigated and the issue comes from the linux-stm32mp kernel patches because when I built the stable kernel based on the same version 5.10.61 without patches, it works with OP-TEE 3.17.0 without issues.

My main questions are:

  • What are the main differences between the linux-stm32mp based on 5.10.61 and the mainline version?
  • What are the main differences between the optee-os-stm32mp based on 3.12.0 and the mainline version?
  • Is there security breach if I use mainline optee-os with mainline linux kernel?
  • Is there security breach if I mix mainline optee-os with linux-stm32mp and vice versa?
  • What is the roadmap regarding updates for optee-os-stm32mp and linux-stm32mp?

Thanks for your help

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
Olivier GALLIEN
ST Employee

‎2022-05-10 02:22 AM

Hi @syedelec​ ,

This is some answer to your questions :

  • What are the main differences between the linux-stm32mp based on 5.10.61 and the mainline version?

Main differences is that linux-stm32mp is fully integrated/tested on our STM32MP15 plaftorm and in combination with the related BSP element.

ST always recommend to use ecosystem as a whole : BSP + Kernel.

  • What are the main differences between the optee-os-stm32mp based on 3.12.0 and the mainline version?

Likely some customization related to ST platform and integration strategy.

  • Is there security breach if I use mainline optee-os with mainline linux kernel?
  • Is there security breach if I mix mainline optee-os with linux-stm32mp and vice versa?

Cannot answer to this. Whatever mainline or ST version, you can find some means and tools to setup a secure platform.

But security breach or vulnerability are responsibility of product developer which integrate all pieces together.

  • What is the roadmap regarding updates for optee-os-stm32mp and linux-stm32mp?

ST will soon release ecosystem 4.0 with OPTEE 3.16 and Kernel 5.15.

Hope it help

Olivier

Olivier GALLIEN
In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.

View solution in original post

0 Kudos
2 REPLIES 2
Go to solution
Olivier GALLIEN
ST Employee

‎2022-05-10 02:22 AM

Hi @syedelec​ ,

This is some answer to your questions :

  • What are the main differences between the linux-stm32mp based on 5.10.61 and the mainline version?

Main differences is that linux-stm32mp is fully integrated/tested on our STM32MP15 plaftorm and in combination with the related BSP element.

ST always recommend to use ecosystem as a whole : BSP + Kernel.

  • What are the main differences between the optee-os-stm32mp based on 3.12.0 and the mainline version?

Likely some customization related to ST platform and integration strategy.

  • Is there security breach if I use mainline optee-os with mainline linux kernel?
  • Is there security breach if I mix mainline optee-os with linux-stm32mp and vice versa?

Cannot answer to this. Whatever mainline or ST version, you can find some means and tools to setup a secure platform.

But security breach or vulnerability are responsibility of product developer which integrate all pieces together.

  • What is the roadmap regarding updates for optee-os-stm32mp and linux-stm32mp?

ST will soon release ecosystem 4.0 with OPTEE 3.16 and Kernel 5.15.

Hope it help

Olivier

Olivier GALLIEN
In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
0 Kudos
Go to solution
syedelec
Associate III
In response to Olivier GALLIEN

‎2022-05-10 02:30 AM

Thank you so much for your reply!

0 Kudos
Top