[lowrisc-dev] [GSoC] Porting OPTEE to the lowRISC platform

Hesham Almatary heshamelmatary at gmail.com
Wed Apr 27 00:37:23 BST 2016

Hi Rahul,

Congratulations on getting accepted to GSoC/lowRISC. Hope you find working
with lowRISC a great rewarding experience as it was for me.

On Tue, Apr 26, 2016 at 10:19 PM rahul mahadev <rahul.mahadev7 at gmail.com>

> Hi,
> I am a 4th year student of Information Science at PES University, Bangalore
> , India. I will be working with lowRISC this summer as a part of Google
> Summer Of Code.
> I'm being mentored by Stefan Wallentowitz and my project aims to port a
> TEE(Trusted Execution Environment) to the RISC-V platform. We have looked
> at OPTEE by Linaro as a reference point and hope to establish the
> functionalities it provides. We have chalked out around three ways we could
> do this.
> 1. Full port of OPTEE and effectively porting the entire ARM-Trusted
> Firmware extensions also the ARM TrustZone features could be implemented
> using minion cores.
> 2. Last year's GSOC had Hesham M. Almatary port a fully working seL4
> imlpementation for RISC-V, I could use that and para-virtualize OPTEE and
> the Normal World OS on top of seL4.
The status of seL4/RISC-V port is a little bit unstable currently for the
following reasons:
1- RISC-V toolchain and privileged spec have been updated since last year,
and there are no documentations for these changes so far.
2- The seL4 port was based on the experimental seL4 branch, this has been
updated also.

For 1) You can have a look at the Linux port, Rocket chip implementation
and/or Spike simulator implementation if you need to work with "up-to-date"
RISC-V specs (including privileged one). This might not so easy. Currently
I am updating RISC-V port to work with latest Rocket/Spike implementation
(kinda reverse engineering the specs from the code). For 2) I am updating
seL4/RISC-V (64-bit) to be based on seL4 master branch (future seL4 3.0.0
release). I am not sure how long would it take though.

You options might be:
1) Working with last years revisions (from the date of seL4 blog post)
including gnu toolchain, Spike simulator, and my seL4 repo.
2) Work with an existing seL4 ARM and/or x86 ports initially just to
implement the architecture-independent part of the para-virtualized OPTEE,
and move to RISC-V once it's upstream/updated. seL4 x86/ARM have a decent
support including simulators (QEMU), boards, examples, projects, tests and

It would be a good idea to define what's required from the HW/SoC at this
stage in order to implement para-virtualized OPTEE.

> 3. Third method is the most elegant one in which I write services in seL4
> which will provide features required by a Global Platform compilant TEE.
> More details? Could you provide a list of the requirements from seL4
and/or services? FYI, there are many seL4 user-level libraries that
implement services, I can help with guiding you to those libs once you
define the requirements.

Hope that helps.

As stated in my proposal I will utilize the community bonding period to
> decide which approach to go for, It would also be great If I could get the
> community's opinion.  I find this project really interesting and hope it
> could benefit the community. I will also be mainting a weekly blog , I will
> share the link when it is ready.
> Cheers,

> Thank You
> M <http://heshamelmatary.blogspot.in/>

More information about the lowrisc-dev mailing list