On Thu, Aug 1, 2019 at 1:00 PM Sumit Garg sumit.garg@linaro.org wrote:
Here TEE isn't similar to a user-space crypto library. In our case TEE is based on ARM TrustZone which only allows TEE communications to be initiated from privileged mode. So why would you like to route communications via user-mode (which is less secure) when we have standardised TEE interface available in kernel?
The physical access guards for reading/writing the involved critical memory are identical as far as I know? Layered security is generally a good thing, and the userspace pass actually adds a layer, so not sure which is really safer?
AFAIK, layered security is better in case we move from lower privilege level to higher privilege level rather than in reverse order.
You can look at this in many ways. Another way to look at it is that the services should be provided with the least amount of permissions required for the task. Further you can containerize something, the better.
As for your PLATFORMS support: it is all nice, but there is no way to convince op-tee or any other tee to be adopted by many real users. Every serious user can and will do their own thing, or at very best, buy it from someone who did their own thing and is trusted. There is zero chance that samsung, huawei, apple, nsa, google, rambus, payment system vendors, .. would actually share the tee (or probably even the interfaces). It is just too vital and people do not trust each other anymore :(
Anyway, enough about the topic from my side. I guess people will tell what they want, I'm fine with any, and it is all progress from the current state :)
-- Janne