This repo holds the work area and revisions of the non-ISA specification created by the RISC-V AP-TEE TG. This specification defines the programming interfaces (ABI) to support the Confidential VM Extension (CoVE) confidential computing architecture for RISC-V application-processor platforms.
Re: Figure 1
Does the architecture preclude other TEE instances? I.e., architecturally, is there any reason why one cannot create mutually distrusting TEEs for their own purpose/scope? Either way, we should have clarifying statements, because the underlying isolation mechanics do not distinguish one vs. N supervisor domains.
More generally, the figure needs updating to match the statement on the next page about the architecture supporting multiple confidential supervisory domains and multiple per-host TVMs.
Aren't the TSM-driver, the RISC-V CPU and everything below them also in the non-confidential VM TCB? I.e., certain entities provide the TCB for both.