Trustzone support for QUARTZ64
#1
Hello!

The documentation for Quartz64 mentions of support for ARM Trustzone. Is this available to test at this time, where can I find the repo/sources and the instructions for it? I am looking for OP-TEE along with TF-A support. If there is no support at this time, when is it expected to be?

I am asking because I would like to purchase one if it is supported, and recommend to others depending on evaluation results.
  Reply
#2
The board is still in quite an early development phase so I don't think anybody has looked into this yet. You're better off looking into a ROCKPro64 right now.
  Reply
#3
(07-14-2021, 04:30 PM)CounterPillow Wrote: The board is still in quite an early development phase so I don't think anybody has looked into this yet. You're better off looking into a ROCKPro64 right now.


Hello!



I received my Quartz64 model-A. Booting the Slackware as well as CRUX each with 5.13.0 kernel seems to boot. The serial console is on the UART2 (2x10 PI-2 header pins 8 and 10). I used the SDCard to boot. It would be nice to know if USB and eMMC boots also work.



Each of the two images I tried have Trustzone bootloaders enabled, and that includes OPTEE (BL32 phase) as well! So this is very promising to my requirements for eval/testing/exploring. The userland tee-supplicant and example OPTEE binaries are not included in the image, so I will have to build them.



An aside, for the first boot the Linux OOPS'd and panicked. But just did fsck on each of the partitions on the SDcard, and the board booted all the way in the login prompt, was able to login and look around.



It will help if someone who knows the JTAG/SWD header location and details can share those details. If using openocd then the config file will also help.


Updated  8 Aug 2021:
Attempting to trace the location of the Trusted Firmware A (TF-A) and OP-TEE sources:
  1. https://wiki.pine64.org/wiki/Quartz64_De...ing_Status leads to
  2. http://opensource.rock-chips.com/wiki_Main_Page, which leads to
  3. http://opensource.rock-chips.com/wiki_ATF

The comment on this page is "Rockchip do not provide the ATF source code, you can find the ATF binaries in rkbin repository".
The plat/rockchip directory under mainline the AT=F, https://github.com/ARM-software/arm-trus...t/rockchip, sources does not have an rk3566 folder or an rk folder. Is RK3566's startup the same as one of the rk33's? Which one if so? Or has Rockchip really not released the AT-F source code?

If no sources available for rk3566, it would be disappointing: the chain of trust really depends on trusting RockChip's TF-A binaries, not the solution builder. Also, the Linux part of the userland OP-TEE cannot be built. I wanted to evaluate signed and encrypted boot, which then I cannot.

Does anyone have any comments on this? Will Rockchip ever release these sources? When if so?
  Reply
#4
(08-07-2021, 08:31 AM)capablegh Wrote: Or has Rockchip really not released the AT-F source code?

If no sources available for rk3566, it would be disappointing: the chain of trust really depends on trusting RockChip's TF-A binaries, not the solution builder. Also, the Linux part of the userland OP-TEE cannot be built. I wanted to evaluate signed and encrypted boot, which then I cannot.

Does anyone have any comments on this? Will Rockchip ever release these sources? When if so?

Rockchip has not yet released the trusted firmware source. We've been told that they will do this in due time, once they've cleaned them up. The plan is to release them eventually, from what we know. It's just not a priority for them right now.
  Reply
#5
(08-09-2021, 02:41 AM)CounterPillow Wrote:
(08-07-2021, 08:31 AM)capablegh Wrote: Or has Rockchip really not released the AT-F source code?

If no sources available for rk3566, it would be disappointing: the chain of trust really depends on trusting RockChip's TF-A binaries, not the solution builder. Also, the Linux part of the userland OP-TEE cannot be built. I wanted to evaluate signed and encrypted boot, which then I cannot.

Does anyone have any comments on this? Will Rockchip ever release these sources? When if so?

Rockchip has not yet released the trusted firmware source. We've been told that they will do this in due time, once they've cleaned them up. The plan is to release them eventually, from what we know. It's just not a priority for them right now.

Thank you @CounterPillow ,  it helps know the perspective.

What remains is getting specifics about the JTAG/SWD on Quartz64 board: Which of JTAG or SWD is used? Where are these exposed on the board? And any other specifics such as OpenOCD config that can help setup the debug environment? Where could I find this info? The RK3566 datasheet does not seem to provide specifics. There is some mention on the Quartz64 schematics, but it isn't exactly clear.
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Has the Quartz64 Model B project been canceled? Silver 1 286 08-29-2021, 09:47 AM
Last Post: CounterPillow
  Quartz64 Model B release date? Silver 7 1,654 08-15-2021, 06:20 PM
Last Post: Silver
  JTAG/SWD on Quartz64 model A capablegh 2 334 08-12-2021, 02:29 PM
Last Post: capablegh
  Quartz64 Model A & B benchmarks vs. RK3399 sbc's Silver 4 1,437 07-12-2021, 11:32 AM
Last Post: CounterPillow

Forum Jump:


Users browsing this thread: 1 Guest(s)