Hi Jens,
I analyzed this a little bit further since last time I wrote. Here what my "believe" at the moment is
* Linux uses the non secure timer in arch_timer (physical/virtual) -> this is correct * OP-TEE uses the secure timer (physical/virtual) -> this is correct * ARM Trusted Firmware by default enables NS_TIMER_SWITCH=1 with opteed, this IMHO unnecessarily stores/restores time registers, setting NS_TIMER_SWITCH=0 seems to solve the issue, my personal tests and also xtest did not show me any issue so far
All this with some uncertainty, I read through quite some code, but I could have missed a case, where something may go wrong I did not see.
Latencies I tested with cycletest. With NS_TIMER_SWITCH=1 this skyrockets (and explains all the other negative consequences) with NS_TIMER_SWITCH=0, everything is back to normal, even doing "heavy" operation like creating 4096 bit RSA keys with OP-TEE.
Thomas