If you download the Nvidia BSP sources from this link provided by Nvidia, you can compile OP-TEE as well as your own TA/CA for TrustZone.
In the atf_and_optee_README.txt, step 3 specifies:
- Copy all the files under ./optee/install/t< platform > to the target.
When running l4t_initrd_flash.sh from JetPack 5.0.2, it will download a sample Nvidia rootfs if one doesn’t exist. When flashing the Nvidia rootfs to an Xavier Nx, you’ll see a suite of compiled TAs provided by Nvidia in /lib/optee_armtz/.
What I am not sure about is if there’s a difference in versioning between the binaries provided in the Nvidia rootfs for TrustZone applications and the public_sources tarball. I want to know if I can safely install my own compilation of optee and overwrite binaries that conflict, e.g. tee-supplicant?
In summary: Is there versioning for the OP-TEE provided in Nvidia Sample Rootfs and in OP-TEE provided by public_sources?