On Fri, Oct 23, 2015 at 10:35:43AM +0200, Benjamin Gaignard wrote:
...
To develop this TEE subsystem we have been using the open source TEE called OP-TEE (https://github.com/OP-TEE/optee_os) and therefore this would be the first TEE solution supported by this new subsystem. OP-TEE is a GlobalPlatform compliant TEE, however this TEE subsystem is not limited to only GlobalPlatform TEEs, instead we have tried to design it so that it should work with other TEE solutions also.
Does this means that GlobalPlatform API like TEEC_InitializeContext, TEEC_OpenSession or TEEC_InvokeCommand are no more available in kernel ? Do you have replace them by something else ?
This is the first step towards upstreaming the driver. Once this is in place we can focus on the in-kernel APIs.
I don't think a pure GP TEE Client API is suitable. We should have something equivalent tailored for the kernel. The API should be as capable as the TEE Client API, that is, it should be possible to place a TEE Client API wrapper on top if desired.
This is my current view, what we'll do in the end is open for discussion.
Regards, Jens