lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 4 Jun 2015 13:00:05 +0100
From:	Mark Brown <broonie@...nel.org>
To:	Jens Wiklander <jens.wiklander@...aro.org>
Cc:	Mark Rutland <mark.rutland@....com>,
	"valentin.manea@...wei.com" <valentin.manea@...wei.com>,
	"devicetree@...r.kernel.org" <devicetree@...r.kernel.org>,
	"javier@...igon.com" <javier@...igon.com>,
	"emmanuel.michel@...com" <emmanuel.michel@...com>,
	Herbert Xu <herbert@...dor.apana.org.au>,
	Arnd Bergmann <arnd@...db.de>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"jean-michel.delorme@...com" <jean-michel.delorme@...com>,
	Jason Gunthorpe <jgunthorpe@...idianresearch.com>,
	"tpmdd-devel@...ts.sourceforge.net" 
	<tpmdd-devel@...ts.sourceforge.net>,
	Rob Herring <robh+dt@...nel.org>,
	"linux-arm-kernel@...ts.infradead.org" 
	<linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH V3 2/2] tee: add OP-TEE driver

On Wed, May 20, 2015 at 02:16:48PM +0200, Jens Wiklander wrote:

> > > +#define OPTEE_SMC_SHM_NONCACHED                0ULL
> > > +#define OPTEE_SMC_SHM_CACHED           1ULL

> > What precise set of memory attributes do these imply?

...

> OP-TEE is more or less always compiled for a specific platform so if the
> kernel uses some other mapping for a particular platform we'll change the
> OP-TEE settings to be compatible with the kernel on that platform.

I'm not convinced that's a realistic assumption going forwards - I
certainly hope it isn't.  Currently TEE code tends to be only built for
verticial systems because of this lack of standardiation (and the fact
that so much is proprietary at the minute) but hopefully one of the
results of having a reusable solution in the standard kernel with an
open platform for the secure side will be that people will be more able
to use this, perhaps in applications where things like single kernel
support are much more important than they are for the environments where
TEEs are currently deployed.

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ