search

OP-TEE / optee_os

Trusted side of the TEE
Other
1.58k stars 1.06k forks source link

OP-TEE missing driver #4424

Closed friedy10 closed 3 years ago

friedy10 commented 3 years ago

After going through the instructions here to run OP-TEE on my board, I am unable to start tee-supplicant also /dev/tee does not exist. How can I install the driver on my board?

jforissier commented 3 years ago

Hi @friedrich12 ,

Where does your kernel come from? Did you build it or did you get it from some pre-built board support package? The OP-TEE driver is enabled in the Linux kernel via CONFIG_TEE=y and CONFIG_OPTEE=y.

Edit: if you followed the linked instructions then in theory the kernel should be built as part of the whole build process and with the proper settings. @etienne-lms correct me if I'm wrong.

What does dmesg | grep optee say?

etienne-lms commented 3 years ago

Edit: if you followed the linked instructions then in theory the kernel should be built (...) and with the proper settings. @etienne-lms correct me if I'm wrong.

This is right. If you fetch OP-TEE manifest (as explained in build instructions) then you'll get a running OP-TEE with Linux providing /dev/tee0.

If you're using Linux, U-boot or optee from another source... then it depends on them. If optee does not probe in your linux, it is either their is no OP-TEE installed in cpu secure world, or their is one but it's not visible to Linux.

To check if OP-TEE is installed, check your bootloader configuration (likely TF-A BL2): it should be configured to boot OP-TEE (for tf-a: ARCH=aarch32 AARCH32_SP=optee PLAT=stm32mp1). You could also rebuild optee_os with traces (i.e. CFG_TEE_CORE_LOG_LEVEL=3`) and check they are printed a boot time.

Regarding Linux probing optee device (and assuming CONFIG_OPTEE=y as @jforissier said), i think the optee node is missing in the DTB your Linux boots with. You should check if there exists an optee node in the DTS for Linux kernel. If the node is their, then maybe it is u-boot that changes the node content before booting Linux. Maybe add traces in u-boot if needed. There were recent changes in u-boot on how it uses optee nodes in FDT. Recent u-boot may add the OP-TEE node in Linux DTB if u-boot built-in DTB itself embeds an enabled and functional optee node while Linux kernel DTB does not.

friedy10 commented 3 years ago

I followed the build instructions and /dev/tee0 does not exist.

friedy10 commented 3 years ago

image

friedy10 commented 3 years ago

I compiled with just "make" instead of "make PLATFORM=" and it worked.