Hi Achin,
Thanks a lot for your reply.
OP-TEE running MM as a trusted application seems to be workable solution, however there may be some other troubles:
1. MM is responsible for RAS and secure uefi variable right now; running on EL0 makes it difficult to access RAS related system registers which are only accessible by EL1 or more privileged ELs. The modules in MM are more like device drivers rather than unprivileged applications.
2. The solution binds MM to OP-TEE only; it is not workable for other TEE implementations.
How about making MM as an individual secure partition, which can be dispatched parallelly with TEE and extended to run on S-EL1 in the future?
Please let me know if I miss something :)
Thanks,
Heyi
On 2020/11/23 下午3:27, Achin Gupta wrote:
Hi Heyi,
Happy to discuss the detail but the short answer is no.
Instead, it is possible to run an MM partition in S-EL0 under the TEE. This work is being done with OP-TEE.
From a SW architecture standpoint, it did not seem like a good idea to let EL3 run its "application" i.e. MM SP alongside a TEE which also runs its own applications. It is better to let the TEE own S-EL1 and run all applications in S-EL0 under it.
Cheers, Achin
On 23/11/2020, 05:36, "TF-A on behalf of Heyi Guo via TF-A" <tf-a-bounces@lists.trustedfirmware.org on behalf of tf-a@lists.trustedfirmware.org> wrote:
Hi All, On some platforms there may be requirements to run both TEE and SPM_MM instances, such as providing TEE services on server platforms. Do TF-A support this scenario? If it doesn't, do it make sense to add such support? Thanks, Heyi -- TF-A mailing list TF-A@lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/tf-a