+Cyrille
Hi Nicolas,
On mer., 2022-08-17 at 10:29 -0400, Nicolas Dufresne wrote:
Caution: EXT Email
Hi Folks,
Le mardi 16 août 2022 à 11:20 +0000, Olivier Masse a écrit :
Hi Brian,
On ven., 2022-08-12 at 17:39 +0100, Brian Starkey wrote:
Caution: EXT Ema
[...]
Interesting, that's not how the devices I've worked on operated.
Are you saying that you have to have a display controller driver running in the TEE to display one of these buffers?
In fact the display controller is managing 3 plans : UI, PiP and video. The video plan is protected in secure as you can see on slide 11:
https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstatic.lin...
just wanted to highlight that all the WPE/GStreamer bit in this presentation is based on NXP Vendor Media CODEC design, which rely on their own i.MX VPU API. I don't see any effort to extend this to a wider audience. It is not explaining how this can work with a mainline kernel with v4l2 stateful or stateless drivers and generic GStreamer/FFMPEG/Chromium support.
Maybe Cyrille can explain what it is currently done at NXP level regarding the integration of v4l2 with NXP VPU.
I'm raising this, since I'm worried that no one cares of solving that high level problem from a generic point of view. In that context, any additions to the mainline Linux kernel can only be flawed and will only serves specific vendors and not the larger audience.
Another aspect, is that this design might be bound to a specific (NXP ?) security design. I've learn recently that newer HW is going to use multiple level of MMU (like virtual machines do) to protect the memory rather then marking pages. Will all this work for that too ?
our fire-walling hardware is protecting memory behind the MMU and so rely on physical memory layout. this work is only relying on a reserved physical memory.
Regards, Olivier
regards, Nicolas