Lines Matching +full:secure +full:- +full:only
1 .. SPDX-License-Identifier: GPL-2.0
4 AMD-TEE (AMD's Trusted Execution Environment)
7 The AMD-TEE driver handles the communication with AMD's TEE environment. The
8 TEE environment is provided by the AMD Secure Processor.
10 The AMD Secure Processor (formerly called Platform Security Processor or PSP)
12 software-based Trusted Execution Environment (TEE) designed to enable
13 third-party Trusted Applications. This feature is currently enabled only for
16 The following picture shows a high-level overview of AMD-TEE::
21 User space (Kernel space) | AMD Secure Processor (PSP)
24 +--------+ | +-------------+
26 +--------+ | | Application |
27 /\ | +-------------+
31 || | +----------+
35 +---------+ +-----------+---------+ +----------+
36 | TEE | | TEE | AMD-TEE | | AMD-TEE |
39 +---------+-----------+----+------+---------+---------+----------+
42 +--------------------------+ +---------+--------------------+
44 At the lowest level (in x86), the AMD Secure Processor (ASP) driver uses the
47 the secure processor and return results to AMD-TEE driver. The interface
48 between AMD-TEE driver and AMD Secure Processor driver can be found in [1].
50 The AMD-TEE driver packages the command buffer payload for processing in the TEE.
53 The TEE commands supported by AMD-TEE Trusted OS are:
55 * TEE_CMD_ID_LOAD_TA - loads a Trusted Application (TA) binary into
57 * TEE_CMD_ID_UNLOAD_TA - unloads TA binary from TEE environment.
58 * TEE_CMD_ID_OPEN_SESSION - opens a session with a loaded TA.
59 * TEE_CMD_ID_CLOSE_SESSION - closes session with loaded TA.
60 * TEE_CMD_ID_INVOKE_CMD - invokes a command with loaded TA.
61 * TEE_CMD_ID_MAP_SHARED_MEM - maps shared memory.
62 * TEE_CMD_ID_UNMAP_SHARED_MEM - unmaps shared memory.
64 AMD-TEE Trusted OS is the firmware running on the AMD Secure Processor.
66 The AMD-TEE driver registers itself with TEE subsystem and implements the
69 * get_version - returns the driver implementation id and capability.
70 * open - sets up the driver context data structure.
71 * release - frees up driver resources.
72 * open_session - loads the TA binary and opens session with loaded TA.
73 * close_session - closes session with loaded TA and unloads it.
74 * invoke_func - invokes a command with loaded TA.
76 The cancel_req driver callback is not supported by AMD-TEE.
79 talk to AMD's TEE. AMD's TEE provides a secure environment for loading, opening
85 [1] include/linux/psp-tee.h