author | Jens Wiklander <jens.wiklander@linaro.org> | 2017-11-29 13:43:45 +0100 |
---|---|---|
committer | Jérôme Forissier <jerome.forissier@linaro.org> | 2017-12-08 12:54:01 +0100 |
commit | fed9daa40ae21533d28e09746b38a7da7187c24d (patch) | |
tree | 85a10da337186541edde8d4bcf43f3a30a78870d /documentation | |
parent | 9ced7d8bde949692c59427f304de5b61123cb306 (diff) |
Describe Secure Storage TA

Adds a section describing the new Secure Storage TAs.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Diffstat (limited to 'documentation')
-rw-r--r-- | documentation/optee_design.md | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/documentation/optee_design.md b/documentation/optee_design.md index 853c35a5..2535eb87 100644 --- a/documentation/optee_design.md +++ b/documentation/optee_design.md @@ -645,9 +645,25 @@ they execute in Secure World. Trusted Application benefit from the GlobalPlatform Core Internal API as specified by the GlobalPlatform TEE specifications. -There are two types of user mode TAs, which differ by the way they are stored. +There are several types of user mode TAs, which differ by the way they are +stored. -#### "Normal" or REE FS Trusted Applications +#### "Normal" or Secure Storage Trusted Applications + +These are stored in secure storage. The meta data is stored in a database +of all installed TAs and the actual binary is stored encrypted as a +separate file in the untrusted REE filesystem. + +Before these TAs can be loaded they have to be installed first, this is +something that can be done during initial deployment or at a later stage. + +For test purposes the test program xtest can install a TA into secure +storage with the command: +``` +xtest --install-ta +``` + +#### "Legacy" or REE FS Trusted Applications They consist of a cleartext signed ELF file, named from the UUID of the TA and the suffix ".ta". |
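Review bot: The new "Normal" or Secure Storage Trusted Applications section says the binary is stored encrypted in the untrusted REE filesystem and has to be installed before it can be loaded, but it does not say what is verified at install time or at load time. The REE FS section that follows describes its TAs as "cleartext signed ELF" files, so a reader cannot tell from this text whether a Secure Storage TA is signature-checked, or who is allowed to perform the install. Suggest adding a sentence on how the TA is authenticated when it is installed and how the stored binary is integrity-checked when it is loaded. Two smaller points: the "Normal" label moves from REE FS TAs to Secure Storage TAs while REE FS TAs become "Legacy", which changes the meaning of an existing term, so a short note on the rename would help readers of older text; and "they have to be installed first, this is something" is a comma splice that reads better as two sentences, with "meta data" written as "metadata".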