Hi Aravind,
On Mon, Dec 5, 2016 at 9:41 PM, machiry aravind machiry_msidc@hotmail.com wrote:
> Hi all,
>
> Can we have isolated execution environments for untrusted applications using TrustZone?
>
> In theory, the untrusted app will run as a TA, and all syscalls made by the TA will be proxied to the untrusted kernel.

What is the untrusted kernel?

> The memory mappings should be taken care of so that the untrusted kernel can access the isolated app's memory during syscall.
> Of course, I am omitting various other details for this message.
>
> But is this feasible? Are there limitations on the maximum amount of secure memory? Or am I missing something obvious (most likely)?

What are you trying to achieve?
There exist other solutions based on virtualization to contain untrusted code; TrustZone is not the right tool for this.

Thanks, Jens