How to establish a bi-directional data transfer process between Normal and Secure World ? about optee_test HOT 4 CLOSED

OP-TEE is mainly designed to allow a Linux userland application (non-secure) to invoke services from an OP-TEE trusted application (secure). Such services invocation allow the Linux client application to pass input data (as values and/or memory buffers) to the TA (Trusted App), the the TA to provide output data (as values and/or memory buffers) back to the client. For that purpose, OP-TEE complies with the TEE APIs released by GlobalPlatform.

Among the several docs, maybe start with the overview presented at Linux Plumbers 2016.

OP-TEE documentation contains many info, have a look at the GlobalPlatform API page.

OP-TEE examples repository shows simple client & trusted applications. hello_world example passes a single value from client app to trusted app. aes example passes 2 memory buffers from the client app to the trusted app (one for input data, one for output data).

Note that OP-TEE platforms support a console but only to print trace messages from OP-TEE core and TAs (Trusted Applications) for debug and test purpose. It is not designed to interact with OP-TEE, as you can with Linux console for example.

In the hope it helps.

from optee_test.

Hello,

Thank you for your response and explanations.
Could you also help me understand if it is feasible to set up a remote client (remote client not the normal world within OP-TEE environment) connection with the TAs through the normal world ?

from optee_test.

If you mean an entity running outside the CPU clusters executing OP-TEE, then you likely need some kind of interrupt+shared memory based mailbox between the external entity and the CPUs. Interface can be either straight in OP-TEE core or in REE/Linux that would invoke OP-TEE to relay the requests.
Yes, it is feasible.
No, there is no generic support for this in OP-TEE.
Remember that any threaded execution in OP-TEE must be invoked from Linux as Linux scheduler governs OP-TEE thread scheduling. Notification can help to schedule TEE threads regarding some TEE secure events/interrupts.

from optee_test.

This issue has been marked as a stale issue because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this issue will automatically be closed in 5 days. Note that you can always re-open a closed issue at any time.

from optee_test.