Raspberry Pi 5 has basic upstream OP-TEE support in optee_os:
OP-TEE/optee_os@e1e6e2c
However the current integration appears to rely on TF-A being built with OPTEE_ALLOW_SMC_LOAD=1,
meaning OP-TEE is loaded later via SMC rather than being preloaded as the BL32 payload during boot sequence.
TF-A documentation describes BL32 boot-time loading as the recommended OP-TEE integration mode while OPTEE_ALLOW_SMC_LOAD is mainly a fallback mechanism.
RPi5 already supports loading a custom TF-A BL31 image using:
armstub=bl31.bin
It would be very useful if the RPi5 bootloader config.txt flow could also preload an optional BL32 image, for example:
bl32=tee.bin
bl32_address=0x1d000000
or alternatively:
optee=tee.bin
optee_address=0x1d000000
This would allow Raspberry Pi 5 to use the standard TF-A + OP-TEE boot model and would be useful for TrustZone development, OP-TEE Trusted Application testing, educational use and embedded security research.
I understand that BCM2712 may not provide hardware-enforced secure DRAM isolation, so this request is not claiming full production-grade TEE security intergation.
Raspberry Pi 5 has basic upstream OP-TEE support in optee_os:
OP-TEE/optee_os@e1e6e2c
However the current integration appears to rely on TF-A being built with
OPTEE_ALLOW_SMC_LOAD=1,meaning OP-TEE is loaded later via SMC rather than being preloaded as the BL32 payload during boot sequence.
TF-A documentation describes BL32 boot-time loading as the recommended OP-TEE integration mode while
OPTEE_ALLOW_SMC_LOADis mainly a fallback mechanism.RPi5 already supports loading a custom TF-A BL31 image using:
armstub=bl31.binIt would be very useful if the RPi5 bootloader
config.txtflow could also preload an optional BL32 image, for example:or alternatively:
This would allow Raspberry Pi 5 to use the standard TF-A + OP-TEE boot model and would be useful for TrustZone development, OP-TEE Trusted Application testing, educational use and embedded security research.
I understand that BCM2712 may not provide hardware-enforced secure DRAM isolation, so this request is not claiming full production-grade TEE security intergation.