Hi Nvidia expert,
We are developing security IOT solution based on TX2 TrustZone Trusty/TA supporting. A lot of security hardware assistant security feature will be enabled to harden our SDK, such as secure booting and TEE based secure storage, attestation, TFA based crypto service, key management, etc.
Based on our prior experience on other Cortex-A SoC, we will need to customize secure bootloader to enforce resource isolation and proper memory isolation between REE and TEE and also other OS BSP/components etc. Something similar to Raspberry PI3 optee customization as per Raspberry Pi 3 — OP-TEE documentation documentation.
Here is our question:
1> Where should we get started with similar customization for TX board? Should we use SDK manager ubuntu or YOCTO linux distribution?
2>.YOCTO linux distribution seems the way to go for embed developing. But based on https://docs.nvidia.com/drive/drive_os_188.8.131.52L/nvvib_docs/index.html#page/DRIVE_OS_Linux_SDK_Development_Guide/Appendix/install_yocto.html# , which indicates that Ubuntu 16.04 (16-bit distribution) is one of pre-condition. Can we make it work with ubuntu18.04 host machine?
Any suggestions would be greatly appreciated!