On Sat, Sep 7, 2013 at 1:48 AM, Linus Walleij <linus.walleij@xxxxxxxxxx> wrote: > On Thu, Sep 5, 2013 at 5:27 AM, Alexandre Courbot <acourbot@xxxxxxxxxx> wrote: > >> Trusted Foundations is a TrustZone-based secure monitor for ARM that >> can be invoked using a consistent SMC-based API on all supported >> platforms. This patch adds initial basic support for Trusted >> Foundations using the ARM firmware API. Current features are limited >> to the ability to boot secondary processors. >> >> Signed-off-by: Alexandre Courbot <acourbot@xxxxxxxxxx> >> Reviewed-by: Tomasz Figa <t.figa@xxxxxxxxxxx> >> Reviewed-by: Stephen Warren <swarren@xxxxxxxxxx> > > I take it that this means that it is a set of standard routines > living in the secure world that can be called by way of this > API, correct? The commit message is written a bit like > everybody knows what this is about but I don't :-) It's actually written a bit like I don't really know what this is about, thanks for exposing my ignorance. :P > Some more background here would be nice, like where did this > thing come from, and are there other platforms in existance that > use trusted foundations or is it a Tegra-only thing? Does a > specification of this thing listing available services exist for > example? There is unfortunately no public specification of this AFAIK. Client (kernel) side sources are available as Tegra downstream kernel releases, but that's about it. > How does it relate to the (arch-neutral) trusted execution > environment and such things that other vendors are pushing for? > Can the trusted foundations be used "underneath" such > frameworks for trusted applications, or is it a parallell thing > altogether? My understanding is that TF serves the same purpose for ARM only AFAICT. > I tried googling it, is this a relevant URL? > http://www.arm.com/community/partners/display_product/rw/ProductId/5393/ Yes. TF is an essential feature to support in order to boot the kernel on some Tegra-based consumer devices (e.g. SHIELD). Basic things such as secondary CPU control must be performed through SMCs. It has many more features but for the moment I don't see a need to go beyond the very basic. The issue is that as you pointed out, public information is scarce and future direction uncertain. That's why this patchset limits itself to what is needed to get secondary CPUs running - the procedure is very simple and unlikely to change in the future. DT binding is also as concise as possible to allow malleability since we cannot predict how it will evolve in the future. I will try to explain better what TF is in the commit log - at least as far as I understand it myself. Alex. -- To unsubscribe from this list: send the line "unsubscribe devicetree" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html