
Personally, I've always thought the fact these vulnerabilities keep happening demonstrates that TrustZone's secure execution environment just isn't designed well.

If you're a phone designer, and you're going to put unlock PIN validation into a trusted execution environment? Sure, makes sense. If you're going to put your Widevine DRM code into a trusted execution environment? I guess.

But why did they make a design that means a vulnerability in the DRM code allows an attack on the PIN validation code? That means the attack surface is huge.

You gotta keep these clowns separated if you don't want them spraying each other with water and throwing pies down each other's trousers.


