Lcu14 107- op-tee on ar mv8

Post on 13-Jun-2015

990 views 7 download

Preview:

Click to see full reader

Tags:

Report this document
SHARE

description

LCU14-107: OP-TEE on ARMv8 --------------------------------------------------- Speaker: Jens Wiklander Date: September 15, 2014 --------------------------------------------------- ★ Session Summary ★ SWG is porting OP-TEE to ARMv8 using Fixed Virtual Platform. Initially OP-TEE is running secure world in aarch32 mode, but with the normal world code running in aarch64 mode. Since ARMv8 uses ARM Trusted Firmware we have patched it with an OP-TEE dispatcher to be able to communicate between secure and normal world. --------------------------------------------------- ★ Resources ★ Zerista: http://lcu14.zerista.com/event/member/137710 Google Event: https://plus.google.com/u/0/events/c0ef114n77bhgbns9vb85g9n6ak Presentation: http://www.slideshare.net/linaroorg/lcu14-107-optee-on-ar-mv8 Video: https://www.youtube.com/watch?v=JViplz-ah9M&list=UUIVqQKxCyQLJS6xvSmfndLA Etherpad: http://pad.linaro.org/p/lcu14-107 --------------------------------------------------- ★ Event Details ★ Linaro Connect USA - #LCU14 September 15-19th, 2014 Hyatt Regency San Francisco Airport --------------------------------------------------- http://www.linaro.org http://connect.linaro.org

Transcript of Lcu14 107- op-tee on ar mv8

LCU14 BURLINGAME

Jens Wiklander, LCU14

LCU14-107: OP-TEE on ARMv8

OP-TEE OverviewOP-TEE is an Open Source TEE and is the result of collaboration work between STMicroelectronics and Linaro (Security Working Group).

It contains the complete stack from normal world client API's (optee_client), the Linux kernel TEE driver (optee_linuxdriver) and the Trusted OS and the secure monitor (optee_os).

https://github.com/OP-TEE/optee_client
https://github.com/OP-TEE/optee_linuxdriver
https://github.com/OP-TEE/optee_os

OP-TEE is an Open Source TEE and is the result of collaboration work between STMicroelectronics and Linaro (Security Working Group).

It contains the complete stack from normal world client API's (optee_client), the Linux kernel TEE driver (optee_linuxdriver) and the Trusted OS and the secure monitor (optee_os).

OP-TEE Overview

https://github.com/OP-TEE/optee_client
https://github.com/OP-TEE/optee_linuxdriver
https://github.com/OP-TEE/optee_os

● ARMv8-A comes with ARM Trusted Firmware (ATF)

● ATF runs at EL3 and is in charge of● Trusted Boot● Power State Coordination Interface (PSCI)● Secure Monitor Calls (SMC) Calling Convention

● OP-TEE OS runs at Secure EL1 (S-EL1) and need to cooperate with ATF

ARM Trusted Firmware

● The secure monitor runs at EL3 and need to be located within ATF

● A secure monitor in ATF is called a Dispatcher

● The Dispatcher is responsible to act as a Secure Monitor and interface with the Trusted OS running at S-EL1

● There is already one Dispatcher in ATF, Test Secure Payload Dispatcher (TSPD)

● To interface with OP-TEE OS we need a new Dispatcher, OP-TEE Dispatcher (OPTEED)

Secure Monitor

● OPTEED works in principle like TSPD but● handles SMCs specific to OP-TEE● handles FIQ and IRQ routing specific to OP-TEE● starts OP-TEE OS in Aarch32

● The dispatcher is transparent to normal world● No dispatcher specific changes in the OP-TEE Linux Driver

OP-TEE Dispatcher

● OP-TEE OS runs in AArch32 mode to minimize the initial effort to port to ARMv8-A

● The internal Secure Monitor is replaced with an interface to work with the OP-TEE Dispatcher in ARM Trusted Firmware

OP-TEE OS

● Ported to AArch64 since normal world is running in AArch64 mode

● Linux driver is limited to SMC32 (as defined by ARM SMC Calling Convention) calls since OP-TEE OS is still in Aarch32

OP-TEE Client and Linux Driver

● OP-TEE source available at http://github.com/OP-TEE

● ATF source available at https://github.com/ARM-software/arm-trusted-firmware

● If the OP-TEE dispatcher has not been merged yet, it can be found in pull request: https://github.com/ARM-software/arm-trusted-firmware/pull/188

Source code

http://github.com/OP-TEE
https://github.com/ARM-software/arm-trusted-firmware
https://github.com/ARM-software/arm-trusted-firmware/pull/188

More about Linaro Connect: connect.linaro.org Linaro members: www.linaro.org/membersMore about Linaro: www.linaro.org/about/

http://connect.linaro.org
http://www.linaro.org/members
http://www.linaro.org/about/

Top related

LCU14 503 - What To Do About ADF?
 Software
Lcu14 312-Introduction to the Ecosystem day
 Software
LCU14 106- QEMU for ARMv8 and the 64-bit android emulator
 Software
LCU14 406 A QUICK TAKE ON ENERGY-AWARE SCHEDULING
 Software
LCU14 Llightning Talk- Docker-101
 Software
LCU14 203 - Lava Use Cases- Upstream Kernel CI
 Technology
LCU14 307- Advanced Toolchain Usage (parts 1&2)
 Software
Jim Zemlin LCU14 Keynote
 Software
LCU14 400 - Managing a LAVA Lab Using New Debian Packages
 Software
LCU14 509- Overview of QA Reports
 Software
LCU14 310- Cisco ODP v2
 Software
LCU14 100-dalvik is dead long live dalvik
 Software
 · tee tee tee . Created Date: 8/18/2014 4:42:13 PM
 Documents
LCU14 502 Android_User_Space_Tests
 Software
LCU14 300- Open Stack and KVM on ARM Servers
 Software
LCU14 301- Hadoop and Open JDK on ARM Servers
 Software
LCU14 404 - LAVA & VLANS - Complex Networks On Demand
 Software
Lcu14 306 - OP-TEE Future Enhancements
 Software
tee tee tee
 Documents
LCU14 311- Advanced Toolchain Usage (parts 1&2)
 Software

Copyright © 2022 FDOCUMENTS