目录

内容简介

• What-is: 什么是 TEE
• OP-TEE: 什么是 OP-TEE 以及代码简介
• TEE subsystem in Linux: Linux 内核 TEE 相关代码简介
• QEMU OP-TEE: qemu 搭建 OP-TEE 调试环境
• Aarch64: TEE 相关的 arm 指令简介
• CVE-2019-1010298: OP-TEE 一个整数溢出漏洞

What-is

<aside> 💡 独立于Kernel 的一个 OS，需要CPU支持：Arm Trust Zone, Intel SGX ..

</aside>

OP-TEE

https://github.com/OP-TEE

A trio of Intel boffins have broken a vendor lock-down on trusted execution environments (TEEs) with the release of an open source framework that could help developers to build more secure apps.

OP-TEE is divided in various components: