Documentation/tee/ts-tee.rst

1 .. SPDX-License-Identifier: GPL-2.0
4 TS-TEE (Trusted Services project)
10 for developing and deploying device Root of Trust services in FF-A [2] S-EL0
12 Platform Security Architecture [3] for Arm A-profile devices.
14 The FF-A Secure Partitions (SP) are accessible through the FF-A driver [4] which
20 All Trusted Services (TS) SPs have the same FF-A UUID; it identifies the TS RPC
22 A service is identified by its service UUID; the same type of service cannot be
23 present twice in the same SP. During SP boot each service in the SP is assigned
28 OS. However, in case of FF-A, memory sharing works on an endpoint level, i.e.
33 services. Opening a service corresponds to opening a session in the given
40    +--------+                                               +-------------+
42    +--------+                                               | Services SP |
43       /\                                                    +-------------+
48    +-------+                +----------+--------+           +-------------+
49    | libts |                |  TEE     | TS-TEE |           |  FF-A SPMC  |
51    +-------+----------------+----+-----+--------+-----------+-------------+
52    |      Generic TEE API        |     |  FF-A  |     TS RPC protocol     |
53    |      IOCTL (TEE_IOC_*)      |     | driver |        over FF-A        |
54    +-----------------------------+     +--------+-------------------------+
59 [1] https://www.trustedfirmware.org/projects/trusted-services/
61 [2] https://developer.arm.com/documentation/den0077/
63 [3] https://www.arm.com/architecture/security-features/platform-security
67 [5] https://trusted-services.readthedocs.io/en/v1.0.0/developer/service-access-protocols.html#abi
69 [6] https://git.trustedfirmware.org/TS/trusted-services.git/tree/components/rpc/ts_rpc/caller/linux…
71 [7] https://git.trustedfirmware.org/TS/trusted-services.git/tree/deployments/libts/arm-linux/CMakeL…