AMD's TEE Driver For Loading "Trusted Applications" On Their Secure Processor Under Linux

Written by Michael Larabel in AMD on 26 November 2019 at 11:17 AM EST.
A few weeks back AMD published a TEE "Trusted Execution Environment" driver for APUs on Linux for utilizing the controversial AMD Secure Processor.

The AMD Secure Processor / PSP is what's been built into their processors for a half-decade now for providing a secure hardware environment similar to Intel's Management Engine. This ARM-based secure processor is now seeing a Trusted Execution Environment driver for Linux.

The AMD-TEE driver is for passing sensitive data to and from secure trusted applications. One of the motivating factors for this AMD APU TEE driver is writing a trusted application that provides Digital Rights Management for multimedia content protection. This goes along with what we've been seeing recently with the AMD graphics driver adding HDCP support, and these security / rights management bits are seemingly being done for the likes of AMD-powered Google Chromebooks.

It wouldn't be surprising if this TEE-based DRM is also being pursued for the Chromebooks use-case... There isn't much of an AMD APU desktop use-case otherwise for TEE/DRM and likely explains why this driver is only coming now while the AMD Secure Processor has been in hardware for years.

Their TEE driver amounts to just over one thousand lines of new code, building upon the kernel's existing TEE subsystem that to date has been mostly led by the ARM stakeholders. The driver allows for loading trusted application binaries into the trusted environment, starting/closing sessions, mapping shared memory, and related operations.

For those not fond of these trusted/secure features, once this code makes it into the mainline kernel it can be disabled with the AMDTEE Kconfig switch.
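One way to audit that switch on a given machine, as an added example that is not from the article or from AMD's patches. It assumes the symbol shows up as `CONFIG_AMDTEE` (under the TEE subsystem's `CONFIG_TEE`), that the module is named `amdtee`, and that the kernel config is at `/boot/config-$(uname -r)` or `/proc/config.gz`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the article): audit the AMDTEE Kconfig switch.

# kconfig_state FILE SYMBOL
# Prints y (built in), m (module) or n (unset, "is not set", or file unreadable).
kconfig_state() {
    cfg=$1
    sym=$2
    case $cfg in
        *.gz) reader="gzip -dc" ;;   # /proc/config.gz is gzip-compressed
        *)    reader="cat" ;;
    esac
    $reader "$cfg" 2>/dev/null | awk -v s="CONFIG_$sym" '
        BEGIN { state = "n" }
        # Match only a line that begins with "CONFIG_<sym>=", so that
        # "# CONFIG_AMDTEE is not set" and CONFIG_AMDTEE_FOO are ignored.
        index($0, s "=") == 1 { state = substr($0, length(s) + 2) }
        END { print state }'
}

# amdtee_exposure FILE [MODULES_FILE]
# One-line summary: build-time state of TEE and AMDTEE, and whether the
# amdtee module (assumed name) is currently loaded.
amdtee_exposure() {
    cfg=$1
    modules=${2:-/proc/modules}
    loaded=no
    if [ -r "$modules" ] && grep -q '^amdtee ' "$modules"; then
        loaded=yes
    fi
    echo "TEE=$(kconfig_state "$cfg" TEE) AMDTEE=$(kconfig_state "$cfg" AMDTEE) loaded=$loaded"
}

# Stand-alone use: check the running kernel, wherever the distro keeps its config.
found=no
for c in "/boot/config-$(uname -r)" /proc/config.gz; do
    if [ "$found" = no ] && [ -r "$c" ]; then
        amdtee_exposure "$c"
        found=yes
    fi
done
if [ "$found" = no ]; then
    echo "no readable kernel config found"
fi
```

`AMDTEE=m loaded=no` means the driver is available but not active; blacklisting the module or rebuilding with the option unset removes it.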