Linux 5.6 Crypto Code Brings The New AMD TEE Driver

Herbert Xu sent in all of the crypto subsystem changes on Tuesday for the in-development Linux 5.6 kernel. Interesting us the most out of this crypto work is the AMD Trusted Execution Environment (TEE) driver.

This AMD TEE driver that is part of this crypto pull is for providing Trusted Execution / Secure Processor support on newer AMD platforms. The current AMD TEE support is focused on Raven Ridge APUs.

The AMD-TEE driver is focused on current APUs, supports sharing memory between the normal and secure worlds, and acts as a "Rich Execution Environment" bridge for submitting commands to the secure processor. Running on the AMD Secure Processor meanwhile is the "AMD-TEE Trusted OS" that is loaded via firmware. The TEE is designed for areas like content protection / digital rights management, identification / authentication purposes, and other access rights handling.

With Linux 5.6 there is that AMD-TEE driver and the Raven Ridge hardware support. Other crypto work for Linux 5.6 includes AVX poly1305 optimizations, various i.MX8M additions, BCM2711 support within iproc-rng200 (this is the SoC within the Raspberry Pi 4), and other additions.

The lengthy list of Linux 5.6 crypto changes can be found via this mailing list post.