OP-TEE Using TrustZone to Protect Our Own Secrets

Similar documents
OP-TEE Using TrustZone to Protect Our Own Secrets

Designing Security & Trust into Connected Devices

Designing Security & Trust into Connected Devices

Designing Security & Trust into Connected Devices

Trusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July IETF 99 th, Prague

Beyond TrustZone Security Enclaves Reed Hinkel Senior Manager Embedded Security Market Develop

How to protect Automotive systems with ARM Security Architecture

The Next Steps in the Evolution of Embedded Processors

Smart Antennas and Hypervisor: Enabling Secure Convergence. July 5, 2017

Embedded System Security Mobile Hardware Platform Security

Lecture 3 MOBILE PLATFORM SECURITY

Embedded System Security Mobile Hardware Platform Security

SMART DEVICES: DO THEY RESPECT YOUR PRIVACY?

A Developer's Guide to Security on Cortex-M based MCUs

Tailoring TrustZone as SMM Equivalent

Trustzone Security IP for IoT

ARM Security Solutions and Numonyx Authenticated Flash

Mobile Platform Security Architectures A perspective on their evolution

What s In Your e-wallet? Using ARM IP to Enable Security in Mobile Phones. Richard Phelan Media Processing Division TrustZone Security Technology

Securing the System with TrustZone Ready Program Securing your Digital World. Secure Services Division

ARM Trusted Firmware Evolution HKG15 February Andrew Thoelke Systems & Software, ARM

Resilient IoT Security: The end of flat security models

ARM TrustZone for ARMv8-M for software engineers

HKG Android Verified Boot 2.0 and U-boot. Igor Opaniuk, Texas Instruments

Beyond TrustZone PSA. Rob Coombs Security Director. Part1 - PSA Tech Seminars Arm Limited

SFO15-200: TEE kernel driver

GlobalPlatform Trusted Execution Environment (TEE) for Mobile

SIERRAWARE SIERRATEE FOR MIPS OMNISHIELD

ARM Server s Firmware Security

Beyond TrustZone PSA Reed Hinkel Senior Manager Embedded Security Market Development

Protecting your system from the scum of the universe

KVM/ARM. Marc Zyngier LPC 12

ARM Trusted Firmware From Embedded to Enterprise. Dan Handley

Hardware-Assisted On-Demand Hypervisor Activation for Efficient Security Critical Code Execution on Mobile Devices

Provisioning secure Identity for Microcontroller based IoT Devices

Building Trust Despite Digital Personal Devices

Designing, developing, debugging ARM Cortex-A and Cortex-M heterogeneous multi-processor systems

Booting Linux Fast & Fancy. Embedded Linux Conference Europe Cambridge, Robert Schwebel

AMD Security and Server innovation

Protecting your system from the scum of the universe

Securing IoT with the ARM mbed ecosystem

Fundamentals of HW-based Security

Lecture 5. KVM for ARM. Christoffer Dall and Jason Nieh. 5 November, Operating Systems Practical. OSP Lecture 5, KVM for ARM 1/42

Beyond TrustZone Part 1 - PSA

ECE 471 Embedded Systems Lecture 16

Dynamic secure firmware configuration. Dan Handley (Arm)

Lecture Secure, Trusted and Trustworthy Computing Mobile Hardware Platform Security

QSEE TrustZone Kernel Integer Overflow Vulnerability

Designing with NXP i.mx8m SoC

Bringing display and 3D to the C.H.I.P computer

HOW TO INTEGRATE NFC FRONTENDS IN LINUX

Leverage Vybrid's asymmetrical multicore architecture for real-time applications by Stefan Agner

Xen Automotive Hypervisor Automotive Linux Summit 1-2 July, Tokyo

The Early System Start-Up Process. Group Presentation by: Tianyuan Liu, Caiwei He, Krishna Parasuram Srinivasan, Wenbin Xu

Bringing display and 3D to the C.H.I.P computer

CIS 4360 Secure Computer Systems Secured System Boot

Presentation's title

Freescale i.mx6 Architecture

Pushing The Limits Of Linux On ARM

96Boards - TV Platform

Porting U-Boot and Linux on new ARM boards: a step-by-step guide

ARM Cortex-A9 ARM v7-a. A programmer s perspective Part1

Embedded Linux Conference Europe Sascha Hauer

Introducing Poplar: First 96Boards TV Platform. Mark Gregotski, Director LHG Hermit Wang, SW Architect, Digital Media IC & Solutions HiSilicon

ECE 471 Embedded Systems Lecture 12

Connecting Securely to the Cloud

Resilient IoT Security: The end of flat security models. Milosch Meriac IoT Security Engineer

TRUSTED COMPUTING TECHNOLOGIES

FTF-CON-F0403. An Introduction to Heterogeneous Multiprocessing (ARM Cortex -A + Cortex- M) on Next-Generation i.mx Applications Processors

ODP Relationship to NFV. Bill Fischofer, LNG 31 October 2013

Titan silicon root of trust for Google Cloud

EC H2020 dredbox: Seminar School at INSA Rennes

Implementing Secure Software Systems on ARMv8-M Microcontrollers

Bringing Android to Secure SDRs

New Approaches to Connected Device Security

RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas

TZMP-1 Software Reference Implementation. Ken Liu 2018-Mar-12

i.mx 7 - Hetereogenous Multiprocessing Architecture

The Next Steps in the Evolution of ARM Cortex-M

Xenbedded: Xen-based client virtualization for phones and tablets

Arm TrustZone Armv8-M Primer

The Future of Security is in Open Silicon Linux Security Summit 2018

INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD

Mobile & IoT Market Trends and Memory Requirements

Security of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices

Introduction to Sitara AM437x Processors

OS Security IV: Virtualization and Trusted Computing

Real-Timeness and System Integrity on a Asymmetric Multi Processing configuration

EDGE COMPUTING & IOT MAKING IT SECURE AND MANAGEABLE FRANCK ROUX MARKETING MANAGER, NXP JUNE PUBLIC

CISC RISC. Compiler. Compiler. Processor. Processor

ARMv8: The Next Generation. Minlin Fan & Zenon Xiu December 8, 2015

Scott Johnson Dominic Rizzo Parthasarathy Ranganathan Jon McCune Richard Ho. Titan: enabling a transparent silicon root of trust for Cloud

ARM Powered SoCs OpenEmbedded: a framework for toolcha. generation and rootfs management

ECE 471 Embedded Systems Lecture 16

M2351 Security Architecture. TrustZone Technology for Armv8-M Architecture

Porting Linux to a new SoC

Back To The Future: A Radical Insecure Design of KVM on ARM

Overview. Wait, which firmware? Threats Update methods request_firmware() hooking Regression testing Future work

Building High Performance, Power Efficient Cortex and Mali systems with ARM CoreLink. Robert Kaye

Market Trends and Challenges in Vehicle Security

Transcription:

OP-TEE Using TrustZone to Protect Our Own Secrets ROM-Code Bootloader OP-TEE Kernel Root File System ELC Europe 2017, 23.10.2017 Marc Kleine-Budde <mkl@pengutronix.de> Slide 1 - http://www.pengutronix.de - 2017-10-23

Overview ARM architecture overview ARM TrustZone Trusted Execution Environment Open Portable Trusted Execution Environment Slide 3 - http://www.pengutronix.de - 2017-10-23

What is a TEE? Trusted Execution Environment small OS-like environment isolated from normal operating system (e.g. Linux) rich OS Allows lications to execute, process, protect and store sensitive data Rich OS is often target of malware and attackers Design applications so that sensitive functions can be offloaded to the TEE as Trusted lications. API standardized by GlobalPlatform TEE internal APIs for Trusted lication communication interfaces between rich OS lications and Trusted lications Slide 4 - http://www.pengutronix.de - 2017-10-23

What is a TEE? (cont'd) Functionality Rich OS Rich OS TEE TEE SE SE Security Slide 5 - http://www.pengutronix.de - 2017-10-23

ARM architecture usr svc OS ARM SoC Slide 6 - http://www.pengutronix.de - 2017-10-23

ARM architecture with TrustZone Normal world Secure world usr usr (secure state) Trusted svc svc (secure state) OS Trusted OS mon (secure state) Secure Monitor ARM SoC Slide 7 - http://www.pengutronix.de - 2017-10-23

ARM architecture with TrustZone (cont'd) Provides a complete virtual system for secure computing Divide hardware and software into separate partitions ( worlds ) one is trusted ( secure world ) the other not ( Normal world ) Limited and tightly defined ways to get from one world to the other secure monitor Slide 8 - http://www.pengutronix.de - 2017-10-23

ARM TrustZone in detail Source: http://genode.org/documentation/articles/trustzone Slide 9 - http://www.pengutronix.de - 2017-10-23

ARM TrustZone in detail (cont'd) Security Extensions to ARM processors Supported by ARM1176 Cortex-A series (ARMv7-A, ARMv8-A) ARMv8-M System-wide hardware isolation SRAM DRAM CPU configuration registers peripherals SoC design has impact on practical usefulness of security features Slide 10 - http://www.pengutronix.de - 2017-10-23

ARM TrustZone switching worlds Secure World entry Hardware-controlled automatic partly configurable By exception Reset CPU always starts secure Secure Monitor Call SMC #n instruction analogous to Supervisor Call (SVC) always handled in Secure World IRQ, FIQ, Data abort configurable (by secure software) Non-Secure World entry Software-controlled Typically set SCR.NS return from execption Slide 11 - http://www.pengutronix.de - 2017-10-23 Reset Secure hardware software Non-Secure

What is OP-TEE? Started as closed source implementation by some mobile, telco and chip vendors Since 2015 Open Source (BSD license), owned and maintained by Linaro In 2017 the TEE driver went mainline with v4.12 Small and simple TEE Relies on rich OS to schedule TEE Based on ARM TrustZone to provide isolation of the TEE from the rich OS in hardware Runs on ~20 platforms 32 bit: ARMv7-A 64 bit: ARMv8-A Slide 12 - http://www.pengutronix.de - 2017-10-23

OP-TEE architecture Non-Secure world Secure world usr Native usr (secure state) optee_client TEE Supplicant Wrapper API (optional) Trusted optee_os GlobalPlatform TEE Client API GlobalPlatform TEE internal API svc mon (secure state) svc (secure state) TEE Driver Storage... Secure Monitor TEE core HAL optee_linuxdriver ARM SoC Source: https://www.linaro.org/blog/core-dump/op-tee-open-source-security-mass-market/ Slide 13 - http://www.pengutronix.de - 2017-10-23 TEE functions/libs (crypto...)

OP-TEE in detail The OP-TEE consists of three parts Normal World, User Mode TEE client library tee-supplicant file system access access to shared resources Normal World, Priviledged Mode Linux kernel TEE subsystem Linux kernel TEE device driver Secure world, Priviledged Mode Trusted OS (optee_os) TEE contains public key Trusted lications are singed and can be loaded from the Normal World into the TEE Slide 14 - http://www.pengutronix.de - 2017-10-23

OP-TEE - Trusted Boot ARMv7-A: i.mx6 SoC ROMCode Fuses Pubkey Signature Boot Loader OP-TEE incl. Pubkey Slide 15 - http://www.pengutronix.de - 2017-10-23 For details on trusted boot see my talk from ELCE 2016.

OP-TEE - Boot sequence in ARMv7-A: i.mx6 Non-Secure world Secure world Reset ROM-Code load/check bootloader bootloader (barebox) load/check TEE kernel, DTB, initrd Kernel initialize and run Return from exeption SMC #n request secure service Return from exeption Slide 16 - http://www.pengutronix.de - 2017-10-23 TEE initialize and run TEE - Perform secure service

Observations & What's Missing? Better SoC support more SRAM TrustZone support missing in some peripherals TrustZone: From my (limited) point of view: The concept of moving peripherals into Secure World is complicated on todays SoCs. Think about turning off the clock of the Secure World's I2C, PWM or Ethernet Controller. Support for existing private key storages inside the Linux kernel opengpg/ssh TPM build system feels Android centric make use more use of DT convert config #ifdef to kconfig Slide 17 - http://www.pengutronix.de - 2017-10-23

Summary TEE Trusted Execution Environment Set of APIs to split applications into normal and secure part TrustZone Security extension for ARM processors to partition one SoC into Normal and Secure World Practical usefulness depends on SoC design OP-TEE Open Platform TEE Implements TEE on ARM using TrustZone Slide 18 - http://www.pengutronix.de - 2017-10-23

Q&A @marckleinebudde Slide 19 - http://www.pengutronix.de - 2017-10-23

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback