ARM Trusted Firmware Evolution HKG15 February Andrew Thoelke Systems & Software, ARM

Size: px

Start display at page:

Download "ARM Trusted Firmware Evolution HKG15 February Andrew Thoelke Systems & Software, ARM"

Christina McGee
5 years ago
Views:

1 ARM Trusted Evolution HKG15 February 2015 Andrew Thoelke Systems & Software, ARM 1

2 ARM Trusted for 64-bit ARMv8-A A refresher Standardized EL3 Runtime For all 64-bit ARMv8-A systems Reducing porting and integration work For SoC and Trusted OS developers App EL0 Normal World OS EL1/EL2 TOS library via ioctl TOS driver Trusted App Secure-EL0 Trusted OS Secure-EL1 Reusable, reference implementations Power State Coordination Interface (PSCI) SMC Calling Convention Configuration of ARM hardware ARM Trusted EL3 Porting interface between Trusted and SoC/ platform SoC/platform port Interface between Trusted and Trusted OS Dispatcher TOS specific protocol via SMC TOS specific protocol and mechanism Trusted OS Dispatcher Running on ARMv8-A FVPs and Juno and nearly all new ARMv8-A platforms SoC supplier OS/hypervisor supplier ARM Trusted Trusted OS supplier Trusted App supplier Internal TOS interface 2

3 ARM Trusted for 64-bit ARMv8-A A refresher Reference boot flows For 64-bit ARMv8-A systems Open Source at GitHub BSD License Contributors welcome We have just released v1.1 RESET BL3 0 SCP Runtime System & Power Control BL0 SCP Boot ROM Platform Boot Initialization SCP Adds authentication to Trusted Board Boot Many partners porting RESET Trusted World BL2 Trusted Boot Trusted Board Boot BL1 AP Boot ROM Trusted Board Boot 1 st level Boot Loader (BL1) loads 2 nd level image BL3 2 Secure-EL1 Payload BL3 1 EL3 Runtime SMCCC World Switch Library Trusted OS Kernel PSCI S-EL1 Payload Dispatch Application Processor (AP) 2 nd level Boot Loader (BL2) loads all 3 rd level images Normal World BL3 3 Non-Trusted (e.g. U-Boot, EDK2) Key SCP Execution EL3 Execution Secure-EL1 Execution EL2 Execution Loading 3

Celebration Initial binaries in Linaro AArch64 release Source code at GitHub and LCU13 announcement Mythbusting misconceptions at LCA14 Early

4 The story so far Feb 13 Conception Jun 13 Initiation ARM has idea of providing reference EL3 software ARM project scope and proposal Jul 13 Communication Discussions with partners at LCE13 Sep 13 Implementation Oct 13 Introduction Mar 14 Clarification May 14 Adoption Sep 14 Celebration Initial binaries in Linaro AArch64 release Source code at GitHub and LCU13 announcement Mythbusting misconceptions at LCA14 Early adopters port to silicon Juno port OP-TEE support at LCU14 Feb 15 Evolution Complete PSCI 0.2 Start PSCI 1.0 and Trusted Board Boot Porting to 96Boards at HKG15 4

5 5 Introducing TBBR and PSCI 1.0

Trusted Board Boot Reference implementation of the ARM TBBR specification Prototype for FVP and Juno Image authentication from Root of Trust Keys in chain of trust managed using X.

509 SCP Trusted ROM SCP Trusted RAM AP Trusted ROM AP Trusted RAM (on chip) Trusted RAM (on or off chip) PWR ON SCP Boot ROM PWR BL0 AP Boot ON ROM BL1 Waiting SCP Boot ROM BL0 SCP Runtime Running

6 Trusted Board Boot Reference implementation of the ARM TBBR specification Prototype for FVP and Juno Image authentication from Root of Trust Keys in chain of trust managed using X.509v3 certificates Optionally included in BL1 and BL2 Uses PolarSSL (mbed TLS) for cryptography and X.509 SCP Trusted ROM SCP Trusted RAM AP Trusted ROM AP Trusted RAM (on chip) Trusted RAM (on or off chip) PWR ON SCP Boot ROM PWR BL0 AP Boot ON ROM BL1 Waiting SCP Boot ROM BL0 SCP Runtime Running BL30 Incremental copy from AP Trusted RAM to SCP Trusted RAM Trusted Boot Waiting BL2 Trusted Boot BL2 SCP Runtime via SMC in BL1 BL30 Non-Trusted RAM TBBR Chain of Trust Still to come: recovery, optional features Flexibility for alternative cryptography implementation and chains of trust Optimisation Loading and Authentication External Hand-Off API Internal Hand-Off API SCP/AP Boundary Key No Execution SCP Execution EL3 Execution Secure-EL1 Execution EL1/EL2 Execution Explicit API Usage Implicit API Usage EL3 Runtime BL31 Waiting EL3 Runtime BL31 Running Secure-EL1 Payload BL32 Detailed boot flow on Juno Non-Trusted BL33 Running (optional) Trusted/Non-Trusted Boundary Linux Kernel Running 6

7 Power State Coordination Interface PSCI 1.0 Released February 2015 It s on ARM Infocenter No click through Culmination of lots of work involving OS vendors and silicon vendors Aligned with Device Tree and ACPI Simple migration path from PSCI 0.2 lots of new optional features Trusted will be implementing these through 2015 Feedback is always welcome As with all ARM specifications you can us direct on errata@arm.com 7

8 What s new in PSCI 1.0 Better match to HW - Richer set of options Core changes: Removed assumptions on power domain layout to allow better match to hardware Improved ability for implementation to describe features to the OS Improved diagnostics: Can optionally provide physical power state from power controller Can optionally provide statistics on power state usage and residency More options for Idle management: New OS Initiated mode allows precise control from the OS You can trade off OS vs firmware complexity depending on your application Improved support for suspend to RAM, and for debug 8

9 What happens next depends on you ARM Trusted has been rapidly adopted for ARMv8-A based platforms It will be running in many products this year It s about to get easier to start experimenting with secure software on ARMv8-A We would like upstream platform support for all 96Boards devices OP-TEE works out of the box We are always keen to hear your feedback Tell us what s broken Tell us what s missing Send us your improvements new contributions are always welcome 9

10 10 Thank you

ARM Trusted Firmware From Embedded to Enterprise. Dan Handley

ARM Trusted Firmware From Embedded to Enterprise Dan Handley Agenda Quick recap Project news Security hardening AArch32 support ENGINEERS AND DEVICES WORKING TOGETHER Other enhancements Translation table