TEE
TEE brief introduction
The full name of TEE is Trust Executed Environment. TEE is mainly used on mobile phones and IoT devices. For example, sensitive operations related to user fingerprint identification and payment are processed in TEE. Sensitive information is also encrypted and stored by TEE. in a trusted location.
TEE Feature
TEE has several proprietary features, which are explained in advance so that readers can understand the content below.
REE, on mobile phones REE refers to Android, which is a non-safe system.
bl1.bin, bl2.bin, bl31.bin, bl32.bin, bl33.bin, the first two bl* are mainly related to boot and image loading, bl31 is responsible for managing SMC (Secure Monitor Control) execution processing and interruption, bl32 is TEE System image, bl33 is REE system image, which is Linux Kernel, uboot and the like.
The full name of TA is Trusted Application. Since there are trusted applications, there are also untrusted applications. The untrusted applications are called CA (Client Application). REE obtains the services provided by TEE by calling CA. Each CA corresponds to A TA, which calls the API provided by the TEE to satisfy the request from the CA. Each TA is identified by a unique UUID.
TEE Secure Storage
TEE Secur