66 points thunderbong | 1 comments
TrueDuality No.40217625
Intel TME and AMD SME (both on boot discardable unique memory encryption technologies running in silicon) are both pretty common in consumer-grade hardware and have great Linux kernel support.

Both Android and iPhones use their secure enclaves for storing their encryption keys, limiting the effective targets of these attacks (and would be quite difficult to physically extract from).

I suppose this is still useful for older hardware and ultra-budget phones... But this is a protection against state actors and high-end espionage which wouldn't use those classes of devices...

Soooooo who is this for? What threat model is this meaningful for? In what world am I trusting a random unaudited security module that taints my kernel for _any_ security sensitive application?

snvzz No.40217671
>great Linux kernel support

For some definition of great. E.g. Ryzen-based ThinkPad, not enabled by default, hangs on boot if requested via mem_encrypt=on kernel command line[0].

[0] https://www.kernel.org/doc/html/v5.8/x86/amd-memory-encrypti...
