Hi Manish,

>>The existing name is more suitable for configuration where the platform has BL1 in it and BL2 can run at EL3 instead of S-EL1.

Well, that is a minor thing to take care. V9 implementation does that in a way.

>>This configuration is currently not available in TF-A but having this flexibility is not a bad idea and it can be platform's choice.

That’s my answer! And the default choice costs some memory with probably no increase in security (V8).

 

>>BL31 can mask the secure world.

Cant be done reliably on V8  (with root world V9  or EL2_S there is potential to compartmentalize the secure services as PAS isolation is feasible)

Ex: EL1S can always overwrite the BL31 Xlat tables and take control of the vectors and many other ways depending on the platform. It’s the same PAS!

 

Thanks

Sandeep