Generic Support for ARM TrustZone

This proposal has been accepted as a session.

Accepted Session
60 Minute BoF
Scheduled: Thursday, October 16, 2014 from 4:30 – 5:30pm in Room 26

One Line Summary

Given the the momentum that TrustZone is having in the open source community, it is time to bring generic support to the Linux Kernel.


ARM TrustZone has been available since 2004. However, it is very recent that open frameworks have been proposed (e.g., SafeG, Genode, Open Virtualization) that makes it possible for the research community as well as the industry to experiment and develop innovative solutions with TrustZone. It is also now that ARM and Linaro are putting a significant amount of effort into standardizing the mechanisms to switch to TrustZone’s secure processor mode (i.e., secure world), most probably aiming at a more general use of TrustZone for ARMv8. Here, we refer to Trusted Firmware and the SMC Calling Convention. We believe that it is time to bring the interested parts together in order to: (i) discuss what is the best way to bring TrustZone support to the Linux Kernel, and (ii) define a generic interface that allows to use different TrustZone approaches from within the kernel, just as it happens today with TPM.


TrustZone, Hardware Security Extensions.

Presentation Materials



Leave a private comment to organizers about this proposal