[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

TEE with XEN


  • To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Jens Wiklander <jens.wiklander@xxxxxxxxxx>, Oleksandr Andrushchenko <Oleksandr_Andrushchenko@xxxxxxxx>, "tee-dev@xxxxxxxxxxxxxxxx" <tee-dev@xxxxxxxxxxxxxxxx>, Stefano Babic <sbabic@xxxxxxx>, Julien Grall <julien@xxxxxxx>
  • From: Peng Fan <peng.fan@xxxxxxx>
  • Date: Mon, 15 Jun 2020 02:07:21 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nxp.com; dmarc=pass action=none header.from=nxp.com; dkim=pass header.d=nxp.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lQQp9vYsqvwtbedk7b/0d9QHMLwJKtyURWXUHGrQSEI=; b=awXD6sW4kazUHdZZM39sDIxW0CFBfK6v+JPb5QKbPenrJmD7rLRXXOavNz7PC+x+Hzr9UIk4LrLYOGxR6QEcwLtt0Gxz1SS31N1TJQBmCcHSj9o/vM8fmA5MYKIpX9hiA4ZvPcKdhGPM9vQrxIsIhB9i1HzXeaTqeI46GT15tgcbbVPGUlTSWZ3xntw4DLLXckZYio0sybBp1iCh4f2g1agcIUr+kSb2nqs2rTAkON4IKHweRRJdhIDzHXN7O7Ga2ytqhitvporQ2j/vsgmz3WGsLKf+d74Q7ZTJzpPbDzboVop3AhoRwQPQj7MksR/AYVGwk/7XNto9BeoF09tBDA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eE2fSnfU0rqQevo9IDw/E3S8uo9e9dW/Tag+QaJALvNE9CGewuzLarajSGjvaCuU21WHnF33cioOJf2Uk0PuQ0MxfmX8c5u5WkwEP+JPZ2b8e9gKvxaKsy2CSZ+milv+zWV/9qA8tzHMqIOYRtjk+pECvBfsa+PIVa3X5NNfoWCIzMzzARZDXIqnmVYB4EtATkSmV3wFMbWY7EBYHaWvot4g98FncxcZNW5STw8BAwDJJaag1eSXNRXCBAoA+FAeUoayfILYQsN5sY8l/IhZaSglBb4dngCWJXUtZe7fPJ/QF+pxdjLA6oFWOjMSzNGQ9m26n42SPCjc2q9JbndSMg==
  • Authentication-results: lists.xenproject.org; dkim=none (message not signed) header.d=none;lists.xenproject.org; dmarc=none action=none header.from=nxp.com;
  • Delivery-date: Mon, 15 Jun 2020 02:07:30 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AdZCuN8SyGfGPx9hRva/eeajiUtqpQ==
  • Thread-topic: TEE with XEN

Hi All,

While enabling trusty os with xen, I took same approach as OP-TEE, 
with OP-TEE running in secure world. But I am also thinking this might
introduce potential issue is that secure world OS communicate with DomU.
If there are some misbehavior in secure world OS, it might let XEN
hypervisor not work proper.

In my setup, trusty os sometimes panic in secure world, xen will not able
to control the panic core anymore.

So I am thinking whether we need to emulating secure world in a XEN VM
which is the VM running DomU. Just like what ACRN did to run trusty
os.

Any comments?

Thanks,
Peng.



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.