Open Portable Trusted Execution Environment, or OP-TEE, is an open-source project that provides a Trusted Execution Environment (TEE) for secure computing on ARM-based processors. A TEE is a secure area within a processor that ensures the confidentiality and integrity of the code and data running inside it. OP-TEE specifically targets ARM TrustZone technology, which is a hardware-based security feature available on ARM Cortex-A processors.
...
Folders | Descriptions |
optee_client/ | This directory houses client libraries, including libteec and libckteec, along with the TEE supplicant. These libraries facilitate communication between non-secure applications and trusted applications running in the TEE. |
optee_examples/ | Several official examples demonstrating the usage of OP-TEE are located here. These examples serve as reference implementations for developers integrating OP-TEE into their applications. |
optee_os/ | This directory is the top-level directory within the OP-TEE source code repository. It serves as the main container for all source code, configuration files, scripts, and documentation related to OP-TEE. |
optee_build.sh | This script facilitates the building of the OP-TEE image. |
optee_clean.sh | This script simplifies the cleaning process within the "optee/" directory. |
Within the "optee_os/" directory, you would typically find the following:
Folders | Descriptions |
core/ | Contains the core components of OP-TEE, including the trusted OS (TEE Core), which is responsible for handling secure operations, managing trusted applications, and providing secure services to these applications. |
keys/ | Contains cryptographic keys and certificates used for secure operations within the TEE. |
lib/ | Contains libraries and related code used within the TEE. These libraries provide essential functionalities and services to trusted applications running within the TEE. |
scripts/ | Contains various scripts used for development, build automation, testing, and maintenance tasks related to OP-TEE. |
out/arm | This directory is generated during the build process as an output directory where build artifacts, such as compiled binaries, object files, and logs, are stored. |
ta/ | This directory is the location where Trusted Applications (TAs) are stored. Trusted Applications are software components executed within the TEE. These applications run with higher security privileges and can access sensitive resources securely. |
sp7350.mk | Makefile of OP-TEE OS of sp7350 platform. |
Within the "core/" directory, further subdivisions include:
Folders | Descriptions |
arch/arm/ | Contains ARM-specific code, such as context switching, exception handling, and low-level initialization. |
arch/arm/plat/sp/ | Contains SP7350-specific code and configurations. This includes code related to bootstrapping, device drivers, and hardware-specific functionalities. |
crypto/ | Contains the implementation of cryptographic algorithms and related functionalities used within the TEE. |
drivers/ | Contains device driver implementations for hardware peripherals and components that interface with the TEE. |
include/ | Contains header files (.h files) that define interfaces, data structures, constants, and function prototypes used by various core components of the TEE. |
kernel/ | This directory contains the core kernel-level components of the TEE. These components are responsible for managing the execution environment, scheduling tasks, handling interrupts, and providing essential operating system functionalities within the TEE. |
lib/ | Contains libraries and related code used within the core components of the TEE. These libraries provide essential functionalities and services to various components running within the TEE. |
mm/ | Contains code related to memory management within the TEE. This includes functionalities for managing memory resources, implementing memory protection mechanisms, and handling memory operations securely. |
pta/ | Contains code related to PTAs (Primary Trusted Applications) within the Trusted Execution Environment (TEE). PTAs are trusted applications that are integral to the functioning of the TEE itself. |
tee/ | Contains the core components of the TEE. These components are responsible for providing a secure execution environment for Trusted Applications (TAs). |
...