Hi,大家好。
我们团队花了很长时间实现了基于ARM TrustZone的安全内核T6:t6_overview,现在代码已进入稳定版本,目前支持三星SoC、ARM Versatile Express,正在支持Freescale,T6正计划开源,但不知道国内这方面的需求怎么样。
板上大神不少,希望大家能给出点意见或批评,让我们能够有动力将T6一直维护下去。
谢谢。
Hi Ochaoboy,
Really helpful and valuable reply, thanks. Here are my comments:
1. T6 has two ways to handle scheduling, the first one is reserve a FIQ timer, the second one is to use non-preemptive scheduling if you don't want to modify non-secure kernel. We put FIQ timer a higher priority that Linux timer IRQ. Communication between worlds has synchronized and asynchronized ways: invoke SMC directly or through an interrupt.
2. Maybe that is not a good design, but we sometimes got too many interrupts when switching to secure world, that is why we currently disable most of IRQs that we don't care.
4. We provide shared memory mechanism, it is Trustlet's responsibility to decide how to handle its buffers. T6 maintains the mapping of secure and non-secure memory in Trustlet's page table.
We may provide GP TEE API as an alternative lib in the future.
Currently, we are: 1) trying to remove the board specific NDA codes and refine project configuration for public download, as we could not come up with a better approach, 2) solving L2 cache issue, some parts of which needs to be initialized in secure world. It may take some days since we are busy preparing some exams...
Thanks Ochaoboy.
Thanks,
Wenhao
很好的方法,祝考试取得好成绩。
祝LZ考试得高分