[Xen-devel] [PATCH v1 6/6] xsm: add tee access policy support

2018-08-22 Thread Volodymyr Babchuk
As we don't want any guest to access limited resources of TEE, we need a way to control who can work with it. Thus, new access vector class "tee" is added with only one operation "call" so far. tee framework uses this to check if guest has a right to work with TEE. Also, example security context

Re: [Xen-devel] [PATCH v1 6/6] xsm: add tee access policy support

2018-08-22 Thread DeGraaf, Daniel G
> From: Volodymyr Babchuk
> Sent: Wednesday, August 22, 2018 10:12 AM
>
> As we don't want any guest to access limited resources of TEE, we need a way
> to control who can work with it.
>
> Thus, new access vector class "tee" is added with only one operation "call"
> so far. tee framework uses

Re: [Xen-devel] [PATCH v1 6/6] xsm: add tee access policy support

2018-08-23 Thread Volodymyr Babchuk
Hello Daniel, On 23.08.18 01:44, DeGraaf, Daniel G wrote: From: Volodymyr Babchuk Sent: Wednesday, August 22, 2018 10:12 AM As we don't want any guest to access limited resources of TEE, we need a way to control who can work with it. Thus, new access vector class "tee" is added with only one

Re: [Xen-devel] [PATCH v1 6/6] xsm: add tee access policy support

2018-08-23 Thread Julien Grall
Hi Volodymyr, On 08/22/2018 03:11 PM, Volodymyr Babchuk wrote: As we don't want any guest to access limited resources of TEE, we need a way to control who can work with it. Thus, new access vector class "tee" is added with only one operation "call" so far. tee framework uses this to check if gu

Re: [Xen-devel] [PATCH v1 6/6] xsm: add tee access policy support

2018-08-23 Thread Volodymyr Babchuk
Hi Julien, On 23.08.18 16:43, Julien Grall wrote: I don't think we should use XSM to enforce the use of TEE. This is contradictory to your next patch where you let the user configure OP-TEE for a given guest. IMHO, XSM should only be used to restrict usage of calls in a fine grain. For an ov

Re: [Xen-devel] [PATCH v1 6/6] xsm: add tee access policy support

2018-08-23 Thread Julien Grall
On 08/23/2018 02:57 PM, Volodymyr Babchuk wrote: Hi Julien, Hi Volodymyr, On 23.08.18 16:43, Julien Grall wrote: I don't think we should use XSM to enforce the use of TEE. This is contradictory to your next patch where you let the user configure OP-TEE for a given guest. IMHO, XSM shou

Re: [Xen-devel] [PATCH v1 6/6] xsm: add tee access policy support

2018-08-23 Thread Daniel De Graaf
On 08/23/2018 09:32 AM, Volodymyr Babchuk wrote: Hello Daniel, On 23.08.18 01:44, DeGraaf, Daniel G wrote: From: Volodymyr Babchuk Sent: Wednesday, August 22, 2018 10:12 AM As we don't want any guest to access limited resources of TEE, we need a way to control who can work with it. Thus, ne