When the Normal World (Linux) needs to encrypt a packet, it cannot touch the key directly. Instead, it issues a "Secure Monitor Call" (SMC). The processor context-switches into the Secure World, performs the encryption using the hidden key, and returns only the ciphertext to the Normal World.
: Protects session keys and Job Descriptor Key Encryption Keys (JDKEKs) that are cleared upon reset. Runtime Integrity Checking (RTIC) qoriq trust architecture 21 user guide
Understanding the Qoriq Trust Architecture 21: A Comprehensive User Guide When the Normal World (Linux) needs to encrypt
Tracks the security state of the system (Check, Trusted, Non-Secure, or Soft-Fail) to gate access to sensitive resources. Key Features qoriq trust architecture 21 user guide