Home
last modified time | relevance | path

Searched hist:fde4a756bfc837d36bae74853194f0f6646e7b36 (Results 1 – 3 of 3) sorted by relevance

/optee_os/core/include/tee/
H A Dtee_fs_key_manager.hfde4a756bfc837d36bae74853194f0f6646e7b36 Tue Aug 02 08:33:57 UTC 2016 Jerome Forissier <jerome.forissier@linaro.org> storage: encrypt the FEK with a TA-specific key

The File Encryption Key is now encrypted with a Trusted application
Storage Key (TSK) rather than directly with the Secure Storage Key.
The TSK is derived from the SSK and the TA UUID. This improves
isolation between TAs, and makes it impossible to read the data of a
TA from another TA after manually moving files in the REE filesystem
for instance.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
/optee_os/core/tee/
H A Dtee_fs_key_manager.cfde4a756bfc837d36bae74853194f0f6646e7b36 Tue Aug 02 08:33:57 UTC 2016 Jerome Forissier <jerome.forissier@linaro.org> storage: encrypt the FEK with a TA-specific key

The File Encryption Key is now encrypted with a Trusted application
Storage Key (TSK) rather than directly with the Secure Storage Key.
The TSK is derived from the SSK and the TA UUID. This improves
isolation between TAs, and makes it impossible to read the data of a
TA from another TA after manually moving files in the REE filesystem
for instance.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
H A Dtee_rpmb_fs.cfde4a756bfc837d36bae74853194f0f6646e7b36 Tue Aug 02 08:33:57 UTC 2016 Jerome Forissier <jerome.forissier@linaro.org> storage: encrypt the FEK with a TA-specific key

The File Encryption Key is now encrypted with a Trusted application
Storage Key (TSK) rather than directly with the Secure Storage Key.
The TSK is derived from the SSK and the TA UUID. This improves
isolation between TAs, and makes it impossible to read the data of a
TA from another TA after manually moving files in the REE filesystem
for instance.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>