The TrustZone feature in ARM v7/8 CPUs promises to protect sensitive data even with a compromised kernel. Although it could be used for securing VPN keys, running a TPM in software or handling feature licenses, TrustZone has been largely ignored by the Linux community. Currently, the most widespread use for TEEs (Trusted Execution Environments) seems to be proprietary DRM for video streaming on Android. This is about to change, because since the merge of the OP-TEE infrastructure in Linux 4.12, we how have a standardized interface with a fully open source implementation. We can now run small applications separately from the normal Linux world, protecting the user's data instead of hiding data from the user.
In this presentation, Marc will explain the underlying technology and how it can be used. He will also report on which parts are still missing for full functionality.
Marc Kleine-Budde started using Linux in 1995, he works for Pengutronix e.K. in Hildesheim after he got his diploma in Electrical Engineering specialized in Computer Engineering in 2005 at Leibniz University Hannover. At Pengutronix he is working on the Linux Kernel and low level... Read More →
Wednesday October 25, 2017 12:05 - 12:45 CEST
Berlin/Brussels
