Hi Jens,
By untrusted kernel, I meant the REE.
We are trying to achieve the following:
Let's say we have an encrypted REE application (say EA). The vendor of the application wants to hide their code against a potentially compromised REE (for example: infected with rootkit/malware).
A theoretical solution (assuming TEE is safe) would be to decrypt and execute the EA in TEE and proxy all the syscalls made by the EA to REE.
While processing syscalls, REE can see only certain memory pages (decided by the EA and enforced by TEE).
This way, the decrypted code of the EA will never leave secure memory.
tl;dr Kinda DRM for code.
-Aravind
________________________________
From: Jens Wiklander jens.wiklander@linaro.org
Sent: Monday, December 5, 2016 11:16:40 PM
To: machiry aravind
Cc: tee-dev@lists.linaro.org
Subject: Re: [Tee-dev] Isolated Execution Environment using OP-TEE TZ
Hi Aravind,
On Mon, Dec 5, 2016 at 9:41 PM, machiry aravind machiry_msidc@hotmail.com wrote:
> Hi all,
> Can we have isolated execution environments for untrusted applications using TrustZone?
> In theory, the untrusted app will run as a TA, and all syscalls made by the TA will be proxied to the untrusted kernel.

What is the untrusted kernel?

> The memory mappings should be taken care of so that the untrusted kernel can access the isolated app's memory during syscall.
> Of course, I am omitting various other details for this message.
> But is this feasible? Are there limitations on the maximum amount of secure memory? Or am I missing something obvious (most likely)?

What are you trying to achieve?
There exist other solutions based on virtualization to contain untrusted code; TrustZone is not the right tool for this.
Thanks, Jens
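As an added illustration of the proxied-syscall design Aravind describes at the top of this thread (this is example code written for this page, not code from the thread, from OP-TEE or from any TEE): a small Python model in which the EA's memory lives in a secure world the REE cannot address, a TEE-side proxy checks the EA's per-page "shareable" policy before any syscall buffer is copied to the REE, and a stand-in REE kernel records every byte it was allowed to see. The class names (`SecureMemory`, `REEKernel`, `SyscallProxy`), the 64-byte page size and the sample data are all constructed for the example.

```python
"""Toy model of the proxied-syscall design discussed in this thread.

The encrypted REE application (EA) runs inside the TEE. Each syscall it makes
goes through a TEE-side proxy that copies only pages the EA marked shareable
into a world-shared buffer, hands that buffer to the REE kernel, and copies
results back. The REE never receives a pointer into secure memory. All names
and data here are constructed for the example; this is not OP-TEE code.
"""
from dataclasses import dataclass

PAGE_SIZE = 64   # tiny pages keep the example readable (real pages are 4 KiB)


@dataclass
class Page:
    data: bytearray
    shareable: bool   # EA policy: may the REE see this page during a syscall?


class SecureMemory:
    """Secure-world memory as the TEE sees it; the REE has no direct access."""

    def __init__(self) -> None:
        self.pages: dict[int, Page] = {}   # page number -> Page
        self._next_page = 0x1000

    def alloc(self, n_pages: int, shareable: bool) -> int:
        base = self._next_page
        for n in range(base, base + n_pages):
            self.pages[n] = Page(bytearray(PAGE_SIZE), shareable)
        self._next_page += n_pages
        return base * PAGE_SIZE            # virtual address of the first byte

    def is_shareable(self, addr: int, length: int) -> bool:
        """True only if *every* page the range touches is mapped and shareable."""
        first, last = addr // PAGE_SIZE, (addr + length - 1) // PAGE_SIZE
        return length > 0 and all(
            n in self.pages and self.pages[n].shareable for n in range(first, last + 1))

    def read(self, addr: int, length: int) -> bytes:
        return bytes(self.pages[(addr + i) // PAGE_SIZE].data[(addr + i) % PAGE_SIZE]
                     for i in range(length))

    def write(self, addr: int, data: bytes) -> None:
        for i, b in enumerate(data):
            self.pages[(addr + i) // PAGE_SIZE].data[(addr + i) % PAGE_SIZE] = b


class REEKernel:
    """Stand-in for the normal-world kernel. It only ever sees the shared buffer.

    `observed` records every byte the REE got to look at; a compromised REE
    could see no more than this, which is the property the design relies on."""

    def __init__(self) -> None:
        self.observed: list[bytes] = []

    def handle(self, nr: str, shared: bytes) -> tuple[int, bytes]:
        self.observed.append(shared)
        if nr == "write":                 # data flows EA -> REE
            return len(shared), b""
        if nr == "read":                  # data flows REE -> EA (constructed input)
            payload = b"input from REE"[:len(shared)]
            return len(payload), payload
        return -1, b""                    # unsupported syscall


class SyscallProxy:
    """TEE-side proxy: enforces the EA's page policy before anything crosses worlds."""

    def __init__(self, mem: SecureMemory, ree: REEKernel) -> None:
        self.mem, self.ree = mem, ree

    def syscall(self, nr: str, buf: int, length: int) -> int:
        if not self.mem.is_shareable(buf, length):
            return -1                     # EFAULT-like: refuse before any copy-out
        if nr == "write":
            ret, _ = self.ree.handle("write", self.mem.read(buf, length))
            return ret
        if nr == "read":
            ret, data = self.ree.handle("read", bytes(length))
            self.mem.write(buf, data[:length])   # copy-in, bounded by the request
            return ret
        return -1


def run_demo() -> dict:
    """Exercise the proxy with a private code region and a shareable I/O buffer."""
    mem, ree = SecureMemory(), REEKernel()
    proxy = SyscallProxy(mem, ree)

    iobuf = mem.alloc(1, shareable=True)        # I/O buffer the EA exposes to the REE
    code = mem.alloc(2, shareable=False)        # decrypted EA code: private to the TEE
    mem.write(iobuf, b"log line from EA\n")
    mem.write(code, b"DECRYPTED-EA-CODE" * 4)   # 68 bytes, spans both private pages

    write_ok = proxy.syscall("write", iobuf, 17)       # shareable page: allowed
    write_code = proxy.syscall("write", code, 17)      # private page: refused
    straddle = proxy.syscall("write", iobuf + 60, 8)   # crosses into code page: refused
    read_ok = proxy.syscall("read", iobuf, 16)         # REE fills the shared buffer

    return {
        "write_ok": write_ok,
        "write_code": write_code,
        "straddle": straddle,
        "read_ok": read_ok,
        "read_data": mem.read(iobuf, read_ok),
        "code_leaked": any(b"DECRYPTED" in seen for seen in ree.observed),
    }


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k}: {v!r}")
```

The check that matters is `is_shareable`: it is page-granular and covers every page the buffer range touches, so a buffer that starts in a shareable page but runs into a private one is refused, and the REE's `observed` log never contains the code bytes. On real hardware the same policy would have to be enforced by the secure-world MMU mappings and by the TEE's marshalling code for every pointer-carrying syscall, which is the part Aravind's summary leaves out.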