Hi Javier, On 09.03.2015 15:33, Javier González wrote:
TEE_IOC_CMD TEE_IOC_SHM_ALLOC TEE_IOC_SHM_FREE // Jean-Michel, can you develop on this ioctl? TEE_IOC_MEM_MAP TEE_IOC_MEM_UNMAP // Same as TEE_IOC_SHM_FREE
Related to my previous comment. How does this differ in use case compared to the traditional syscall mmap?
I am thinking of allocating a piece of memory that is protected/monitored from within the TEE; something similar to Intel SGX's trusted enclaves. This is part of what we have been researching. Since the mechanisms to implement this require a form of trap-and-emulate memory operations, which TrustZone alone does not cover today (we need a common MMU), we could start by using mmap and add advanced functionality like this in the future.
I don't think this is thing that should be implemented by TEE(or TrustZone). Others have tried to implement such things but they are quite horrible to do with TrustZone. ARM does provide a nice trap mechanism in hyp mode but I think it should be out of scope for us.
What I would like the MAP/UNMAP ioctl to be used is to map pointers from Linux user space to TEE. More or less this is a requirement from GP as well.
Valentin