On 3/19/14 10:05 AM, Brian Carlstrom wrote:
Our current keystore implementations on Nexus devices are using
trustzone based implementations. but that isn't the same as a TPM.
Interesting thread. Thanks for the information.
ARM and TrustZone aside, I've heard there are Intel-based Android
devices. Do those Intel devices use TPM, TZ, or neither? And would those
Intel-centric changes be in the ASOP?
One issue with TPM support is that a lot is for virtualized hardware,
only some is for live hardware. Someone has Android emulator working
with TPM, a few years ago. It seems that TPM support in appliances is
easier than in live hardware.
Another TPM issue might be BIOS or EFI support, a lot of Linux TPM
support is still BIOS-based, not much EFI support yet. So it depends on
which firmware you target, you might be able to have a TPM-enabled
system. So, you happen to know what kind of firmware (BIOS, UEFI,
Coreboot, other) Intel-based Android hardware uses? TPM isn't that
useful if you can't do a trusted boot, etc.
ASOP aside, would Android-x86 or Intel's Android-IA project offer any
better ability to enable TPM in Android?
Thank you.
--
You received this message because you are subscribed to the Google Groups "Android
Security Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/android-security-discuss.
For more options, visit https://groups.google.com/d/optout.
