Home
The GoTEE framework implements concurrent instantiation of TamaGo based unikernels in privileged and unprivileged modes, interacting with each other through monitor mode and custom system calls.
With these capabilities GoTEE implements a TamaGo based Trusted Execution Environments (TEE), bringing Go memory safety, convenience and capabilities to bare metal execution within TrustZone Secure World or equivalent isolation technology.
GoTEE can supervise pure Go, Rust or C based freestanding Trusted Applets, implementing the GoTEE API, as well as any operating system capable of running in TrustZone Normal World such as Linux.
This tutorial introduces the API implemented by the GoTEE project which allows multiple execution domains under a trusted TamaGo unikernel.
The tutorial is implemented in the GoTEE example.
See the GoTEE-example repository and its README for compilation/execution instructions.
The GoTEE package API documentation can be found on pkg.go.dev.
The following table summarizes currently supported SoCs and boards.
| SoC | Board | SoC package | Board package |
|---|---|---|---|
| NXP i.MX6ULZ | USB armory Mk II | imx6ul | usbarmory/mk2 |
| NXP i.MX6ULL | MCIMX6ULL-EVK | imx6ul | mx6ullevk |
- Armored Witness - cross-ecosystem witness network
Andrea Barisani
andrea.barisani@withsecure.com | andrea@inversepath.com
Andrej Rosano
andrej.rosano@withsecure.com | andrej@inversepath.com
GoTEE | https://github.com/usbarmory/GoTEE
Copyright (c) WithSecure Corporation
These source files are distributed under the BSD-style license found in the LICENSE file.