Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
Presented by
Date
Event
OP-TEE 101
A Gentle Introduction to Trusted
Execution and OP-TEE
Russell Wayman
BKK16-110 March 7,...
What Does This Talk Cover?
● Why Trusted Execution and What is it?
○ Introduces Trusted Execution and GlobalPlatform Stand...
● Russell Wayman
● Project Manager, Member Services, Linaro:
○ Project Manager for the ARM, STMicroelectronics and Qualcom...
Outline
● Trusted Execution and
GlobalPlatform TEE Specifications
● ARM TrustZone®
● OP-TEE
● Trusted Boot
● Getting Start...
Security for Smart Connected Devices
Smart connected devices:
● Smartphones, tablets, digital TV systems...
● For: Social,...
Trusted Execution Environment
● An Isolated Execution Environment.
● Runs alongside a “Rich OS” e.g. Android, Ubuntu.
● Pr...
GlobalPlatform and History of TEE
●
○ Created in 1999 to standardize smart card infrastructure.
○ A non-profit consortium ...
Architecture of Platform with TEE
Hardware Platform
Rich OS (REE)
TEE Client API
Trusted OS
Components
TEE Internal APIs
T...
TEE Client API: Key Concepts
Context: Connection from CA to the Trusted OS.
Session: Connection from CA to TA.
Command: Un...
TEE Client API: Functions
Client API Functions (TEEC_xxx):
InitializeContext,
FinalizeContext
RegisterSharedMemory,
Alloca...
TEE Client API: Principles
● Blocking functions.
● Can use from multiple
concurrent threads.
● Can request cancellation,
○...
Trusted Application APIs required to...
● Communicate with Client Application and other Trusted Applications,
● Store data...
Trusted Application and TEE APIs
Trusted OS
TEE Internal APIs
Trusted Application
Entry Points:
Create
Destroy
OpenSession...
TEE Core API (TEE_xxx functions)
Trusted Storage
Time
Cryptographic
Arithmetical
Property Access
Cancellation Support
Memo...
TEE Core API (TEE_xxx functions)
Trusted Storage Create/Open/Close/…
TransientObject or PersistentObject
Time GetSystemTim...
Other TEE APIs (TEE_xxx functions)
Trusted User Interface API
Create Message Box,
PIN Screen, Login Screen
Secure Element ...
Other TEE APIs (TEE_xxx functions)
Trusted User Interface API
Create Message Box,
PIN Screen, Login Screen
TUICheckTextFor...
GlobalPlatform: What’s Next?
specifications under development:
● TEE Administration Framework,
○ Online and offline method...
Outline
● Trusted Execution and
GlobalPlatform TEE Specifications
● ARM TrustZone®
● OP-TEE
● Trusted Boot
● Getting Start...
ARM Four-Compartment Security Model
User mode/System mode.
Running processes are isolated from
each other by the OS and th...
ARM TrustZone®
1
CPU
Ether-
net
MMC
USB GPU
Graph-
ics
GPIO
UART I2C
System Bus
I-Cache D-Cache
RAM
L2-Cache
Interrupt
Con...
ARM TrustZone®
● Partitions SoC into Normal World and Secure World.
● CPUs can timeslice between worlds.
● Hardware logic ...
ARM TrustZone®
: CPU Architecture
● Extra processor execution level:
● EL3 (ARMv8 - Monitor mode in ARMv7).
● SMC instruct...
ARM TrustZone®
: Memory System
● MMUs provide 2 virtual address
spaces:
● Code in Secure World can access
either address s...
ARM TrustZone®
: System-on-Chip
● Address space partitioning into
Secure/Non-secure regions:
● TrustZone Memory Adaptor
fo...
● Provides hardware foundation for Trusted Execution.
● No guarantee: Trusted OS software must be written correctly!
● Cou...
Outline
● Trusted Execution and
GlobalPlatform TEE Specifications
● ARM TrustZone®
● OP-TEE
● Trusted Boot
● Getting Start...
OP-TEE: Why an Open Source TEE?
● Provides a shared basis for product TEE developments.
○ Collaboration and consolidation ...
History of OP-TEE
2008 2009 2010 2013 2014 2015
OP-TEE
Linaro
becomes
owner of
OP-TEE.
GlobalPlatform
certified.
OP-TEE: What’s Implemented?
Client API v1.0
Internal Core API v1.1
● Internal Client API
● Property Access
● Cancellation ...
OP-TEE: What’s Implemented?
Client API v1.0
Internal Core API v1.1
● Internal Client API
● Property Access
● Cancellation ...
OP-TEE: Architecture
Client
App Dynamic
Trusted
App
Generic TEE API (ioctl)
TEE Client
API
OP-TEE
Trusted OS
TEE Internal
...
OP-TEE: Linux Kernel Subsystem
Client
App
Generic TEE API (ioctl)
TEE Client
API
Client
App
Normal World
tee-
supplicant
U...
OP-TEE: Managing Trusted Apps
Dynamic
Trusted
App
OP-TEE
Trusted OS
TEE Internal
APIs
Secure World
Dynamic
Trusted
App
Use...
OP-TEE: Communication & Scheduling
Dynamic
Trusted
App
OP-TEE
Trusted OS
TEE Internal
APIs
Dynamic
Trusted
App
User
Kernel...
OP-TEE: Trusted Storage
Normal World
Secure World
tee-
supplicant
Trusted App
TEE driver
RPC call
Linux File
System
● Impl...
OP-TEE: Paging
● OP-TEE uses ~256KiB RAM for kernel memory:
○ SRAM is normally somewhere between 64-256KiB.
● Running in T...
OP-TEE: Cryptographic Libraries
● Default cryptographic software library in OP-TEE is LibTomCrypt.
● TEE Cryptographic Ope...
OP-TEE: What’s Next?
● Ongoing:
○ Upstream OP-TEE’s Linux kernel driver,
○ Enhance Secure Storage:
■ Block-based, roll-bac...
Outline
● Trusted Execution and
GlobalPlatform TEE Specifications
● ARM TrustZone®
● OP-TEE
● Trusted Boot
● Getting Start...
Hardware Platform
Flash Bootloader
Trusted Boot
ROM SoC Bootloader
Secure OS BootNormal World Bootloader
Normal World OS
S...
ARM Trusted Firmware
● An open-source reference implementation of firmware for ARMv8
Platforms, providing trusted boot and...
Outline
● Trusted Execution and
GlobalPlatform TEE Specifications
● ARM TrustZone®
● OP-TEE
● Trusted Boot
● Getting Start...
Getting Started with OP-TEE and
$ sudo apt-get install android-tools-fastboot autoconf bison cscope curl 
flex gdisk libc6...
Getting Started: Running OP-TEE
Type:
c
on QEMU
command line
Type:
modprobe optee_armtz
tee-supplicant&
on serial console command
line
Type:
xtest
on serial console command
line
OP-TEE Test suite (xtest)
is running!
The End
Questions?
Further Information
● GlobalPlatform TEE Specifications
● ARM Trusted Base System
Architecture
● OP-TEE
● ARM Trusted Firm...
GlobalPlatform TEE Specifications
1. TEE Systems Architecture v1.0 – explains the hardware and software architectures behi...
ARM Trusted Base System Architecture
● ARM Document RM DEN0007
○ Available under NDA from ARM
● Describes the requirements...
OP-TEE on GitHub
● In GitHub: See https://github.com/OP-TEE
● README at
https://github.com/OP-TEE/optee_os/blob/master/REA...
Presentations on OP-TEE (1/2)
LCU14-103: How to create and run Trusted Applications on OP-TEE
https://www.youtube.com/watc...
Presentations on OP-TEE (2/2)
HKG15-311: OP-TEE for Beginners and Porting Review
https://www.youtube.com/watch?v=Fksx4-bpH...
ARM Trusted Firmware
User Guide on GitHub: https://github.com/ARM-software/arm-trusted-firmware/blob/master/docs/user-guid...
Prochain SlideShare
Chargement dans…5
×

24

Partager

Télécharger pour lire hors ligne

BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE

Télécharger pour lire hors ligne

Smart connected devices such as mobile phones, tablets and Digital TVs are required to handle data with strong security and confidentiality requirements. A “Trusted Execution Environment” (TEE) provides an environment for processing data securely, protected from normal platform applications. This talk is intended as an introduction to Trusted Execution, and the open-source Trusted Execution Environment OP-TEE in particular. It introduces the GlobalPlatform TEE Specifications, explains how Trusted Execution is implemented by ARM TrustZone and OP-TEE, and outlines how trusted boot software manages the secure boot of an ARM platform. Finally, it gives some pointers on how to get started with OP-TEE.

BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE

  1. 1. Presented by Date Event OP-TEE 101 A Gentle Introduction to Trusted Execution and OP-TEE Russell Wayman BKK16-110 March 7, 2016 Linaro Connect BKK16
  2. 2. What Does This Talk Cover? ● Why Trusted Execution and What is it? ○ Introduces Trusted Execution and GlobalPlatform Standards. ○ Provides information on key concepts and architecture. ● Why OP-TEE and What is it? ○ An Open-source Portable Trusted Execution Environment. ● How does OP-TEE work? ○ ARM TrustZone and OP-TEE Design. ● How to get Started with OP-TEE? ● Where to go for more information?
  3. 3. ● Russell Wayman ● Project Manager, Member Services, Linaro: ○ Project Manager for the ARM, STMicroelectronics and Qualcomm Landing Teams. Previously I worked for STMicroelectronics as a Software Development Manager, managing projects in Development Tools, Operating Systems, Security Drivers and Boot Tools. Who am I?
  4. 4. Outline ● Trusted Execution and GlobalPlatform TEE Specifications ● ARM TrustZone® ● OP-TEE ● Trusted Boot ● Getting Started with OP-TEE
  5. 5. Security for Smart Connected Devices Smart connected devices: ● Smartphones, tablets, digital TV systems... ● For: Social, business, purchases, media… Need to protect: ● Bank details and passwords, ● Personal data, photos and video streams, ● Authorised access to mobile networks and online services, ● Paid-for multimedia content in line with digital rights.
  6. 6. Trusted Execution Environment ● An Isolated Execution Environment. ● Runs alongside a “Rich OS” e.g. Android, Ubuntu. ● Provides a higher level of security than the Rich OS. ● Provides trusted services to applications in Rich OS. A Trusted Execution Environment is intended primarily to secure against software attacks or “shack attacks” (low budget hardware attacks). Providing security against tampering and physical attack requires a “Secure Element” such as a Smartcard or Crypto IC.
  7. 7. GlobalPlatform and History of TEE ● ○ Created in 1999 to standardize smart card infrastructure. ○ A non-profit consortium with 130+ members. ○ Develops the standards for secure mobile platforms: ■ Cards, Devices and Systems. ○ Publishes TEE Specifications. ○ Runs TEE Compliance Program and Certification Scheme. ● Key TEE Specifications published: ○ TEE Client API Specification v1.0 July 2010, ○ TEE Internal API Specification v1.0 Dec 2011, ■ Internal Core API v1.1 June 2014.
  8. 8. Architecture of Platform with TEE Hardware Platform Rich OS (REE) TEE Client API Trusted OS Components TEE Internal APIs TEE Comm Agent Trusted Drivers Trusted Core Framework Hardware-secured resources Rich OS Application Environment Trusted Execution Environment Client Applications Trusted Applications
  9. 9. TEE Client API: Key Concepts Context: Connection from CA to the Trusted OS. Session: Connection from CA to TA. Command: Unit of Communication from CA to TA. Shared Memory: Shared buffers allocated by Client API or by CA and registered. Context Rich OS (REE) TEE Client API Trusted OS TEE Internal APIs Client Application (CA) Trusted Application (TA)Session Command Shared Memory
  10. 10. TEE Client API: Functions Client API Functions (TEEC_xxx): InitializeContext, FinalizeContext RegisterSharedMemory, AllocateSharedMemory, ReleaseSharedMemory OpenSession, CloseSession InvokeCommand, RequestCancellation Context Session Command Shared Memory
  11. 11. TEE Client API: Principles ● Blocking functions. ● Can use from multiple concurrent threads. ● Can request cancellation, ○ From another thread! ● Client-side memory allocation, ○ Pointers not opaque handles. ● Source-level portability but not binary-level, ○ So need to recompile for a different Trusted OS. Context Session Command Shared Memory
  12. 12. Trusted Application APIs required to... ● Communicate with Client Application and other Trusted Applications, ● Store data: in heap and secure file system, ● Get the time from system and real-time clocks, ● Use cryptographic operations, ● Get a PIN or login details from a User, ● Communicate with a Secure Element, ● Connect securely to services over the internet.
  13. 13. Trusted Application and TEE APIs Trusted OS TEE Internal APIs Trusted Application Entry Points: Create Destroy OpenSession CloseSession InvokeCommand TEE Core API: Trusted Storage Time Cryptographic Arithmetical Property Access Cancellation Support Memory Management Other TEE APIs: Trusted User Interface API Secure Element API Sockets API
  14. 14. TEE Core API (TEE_xxx functions) Trusted Storage Time Cryptographic Arithmetical Property Access Cancellation Support Memory Management
  15. 15. TEE Core API (TEE_xxx functions) Trusted Storage Create/Open/Close/… TransientObject or PersistentObject Time GetSystemTime/TAPersistentTime/REETime... Cryptographic Cryptographic Functions: Message Digest, Symmetric Cipher, MAC, Authenticated Encryption, Asymmetric Encryption and Decryption, Key Derivation, Random Data Generation Arithmetical Big Integer operations: Conversion, Logical, Basic Arithmetic, Modular Arithmetic... Property Access GetPropertyAs[String, Bool, u32…] , Enumeration... (Configuration Properties associated with TA, Client and TEE) Cancellation Support GetCancellationFlag, MaskCancellation... Memory Management Malloc, Realloc, Free, MemMove...
  16. 16. Other TEE APIs (TEE_xxx functions) Trusted User Interface API Create Message Box, PIN Screen, Login Screen Secure Element API Query the available Readers, Query the Secure Elements, Exchange Data with the SEs Sockets API Include basic network client functionality in a Trusted Application. Supports: UDP/TCP/IP, TLS
  17. 17. Other TEE APIs (TEE_xxx functions) Trusted User Interface API Create Message Box, PIN Screen, Login Screen TUICheckTextFormat, TUIGetScreenInfo, TUIInitSession/CloseSession TUIDisplayScreen Secure Element API Query the available Readers, Query the Secure Elements, Exchange Data with the SEs SEServiceOpen, GetReaders… SEReaderOpenSession... SESessionOpenChannel… SEChannelTransmit… Sockets API Include basic network client functionality in a Trusted Application. Supports: UDP/TCP/IP, TLS open, close, send, recv, error, ioctl
  18. 18. GlobalPlatform: What’s Next? specifications under development: ● TEE Administration Framework, ○ Online and offline methods for installation, update and removal of security domains and Trusted Applications, ● Trusted UI API v1.1, ● TEE Fingerprint Biometry API.
  19. 19. Outline ● Trusted Execution and GlobalPlatform TEE Specifications ● ARM TrustZone® ● OP-TEE ● Trusted Boot ● Getting Started with OP-TEE
  20. 20. ARM Four-Compartment Security Model User mode/System mode. Running processes are isolated from each other by the OS and the MMU. Allows multiple virtual OSs. Each VM isolated from others. Bus masters can be virtualized through System MMU. TrustZone® extensions. System can be physically partitioned into Normal world and Secure world. Physically separate ICs. Offering tamper-proof secured processing and storage. ARM SecurCore™ Processors Normal World Hypervisor Mode Trusted World Secure Elements
  21. 21. ARM TrustZone® 1 CPU Ether- net MMC USB GPU Graph- ics GPIO UART I2C System Bus I-Cache D-Cache RAM L2-Cache Interrupt Controller Timer Security Configuration Register 0 CPU Ether- net MMC USB GPU Graph- ics GPIO UART I2C System Bus I-Cache D-Cache RAM L2-Cache Interrupt Controller Timer Security Configuration Register Partitions SoC into Normal World and Secure World Non-Secure (NS) bit (bit 0) in the Secure Configuration Register in CP15 Normal World Secure World
  22. 22. ARM TrustZone® ● Partitions SoC into Normal World and Secure World. ● CPUs can timeslice between worlds. ● Hardware logic in the bus fabric enforces separation. ● Security-aware debug infrastructure. ● 2004: Introduced in the ARMv6Z architecture. ● 2007: Part of the ARMv7 architecture specification. ● 2013: ARMv8-A architecture introduced changes e.g EL3. ● 2015: ARMv8-M extends TrustZone to the Cortex-M.
  23. 23. ARM TrustZone® : CPU Architecture ● Extra processor execution level: ● EL3 (ARMv8 - Monitor mode in ARMv7). ● SMC instruction causes entry to EL3: ● Secure Monitor Call, ● Vectors execution to a defined location. ● Monitor Software runs at EL3: ● Manages switch between worlds, setting/clearing SCR bit 0. CPU System Bus I-Cache D-Cache Timer Security Configuration Register
  24. 24. ARM TrustZone® : Memory System ● MMUs provide 2 virtual address spaces: ● Code in Secure World can access either address space. ● TLB entries tagged to identify world that entered the data. ● Caches hold data from both states: ● Tag bit to record the world of the transaction. CPU System Bus I-Cache D-Cache RAM L2-Cache Interrupt Controller Timer Security Configuration Register
  25. 25. ARM TrustZone® : System-on-Chip ● Address space partitioning into Secure/Non-secure regions: ● TrustZone Memory Adaptor for on-chip SRAM, ● TrustZone Address Space Controller for off-chip RAM. ● Secure peripherals: ● TrustZone Protection Controller supports run-time switching of security state for peripherals on APB bus. CPU Ether- net MMC USB GPU Graph- ics GPIO UART I2C System Bus I-Cache D-Cache RAM L2-Cache Interrupt Controller Timer Security Configuration Register
  26. 26. ● Provides hardware foundation for Trusted Execution. ● No guarantee: Trusted OS software must be written correctly! ● Could theoretically run full feature-rich OS in Secure World. ● In practice, Secure world software much simpler/smaller: ○Simple: Reduced complexity means less chance of errors, ○Small: Keep key Secure-world resources in on-chip RAM. ●Trusted OS can separate Trusted Applications using MMU. ●Peripherals can be switched into Secure World ○ e.g. for input of PIN or Login details. ARM TrustZone® and Trusted OS
  27. 27. Outline ● Trusted Execution and GlobalPlatform TEE Specifications ● ARM TrustZone® ● OP-TEE ● Trusted Boot ● Getting Started with OP-TEE
  28. 28. OP-TEE: Why an Open Source TEE? ● Provides a shared basis for product TEE developments. ○ Collaboration and consolidation not re-invention/fragmentation. ○ OP-TEE has BSD 2-clause license (GPLv2 for Linux driver, test suite). ● Provides a full example for research and education. ○ Historically hard to learn about Trusted Environments. ● Can be included in reference platform deliveries. ● More eyes on security-critical code! There are commercial Trusted OS products e.g. from Trustonic and Sierraware, why an Open Source one?
  29. 29. History of OP-TEE 2008 2009 2010 2013 2014 2015 OP-TEE Linaro becomes owner of OP-TEE. GlobalPlatform certified.
  30. 30. OP-TEE: What’s Implemented? Client API v1.0 Internal Core API v1.1 ● Internal Client API ● Property Access ● Cancellation Support ● Memory Management ● Trusted Storage ● Time ● Cryptographic ● Arithmetical Trusted UI API v1.1 Secure Element API v1.0 Sockets API v1.0 Not Yet Not Yet
  31. 31. OP-TEE: What’s Implemented? Client API v1.0 Internal Core API v1.1 ● Internal Client API ● Property Access ● Cancellation Support ● Memory Management ● Trusted Storage ● Time ● Cryptographic ● Arithmetical Trusted UI API v1.1 Secure Element API v1.0 Sockets API v1.0 Targets Supported: ARMv7-A ● Allwinner A80 ● ST’s Cannes board (b2120 / b2020) ● Texas Instruments DRA746 ● QEMU ● Freescale: FSL i.MX6 UltraLite EVK Board ● Freescale: FSL ls1021a ARMv8-A ● 96Boards HiKey (HiSilicon Kirin 620) ● ARM Juno board ● MediaTek MT8173 EVB Board ● FVP, Foundation and Fast Models Not Yet Not Yet
  32. 32. OP-TEE: Architecture Client App Dynamic Trusted App Generic TEE API (ioctl) TEE Client API OP-TEE Trusted OS TEE Internal APIs Client App Normal World Secure World tee- supplicant Dynamic Trusted App User Kernel TEE subsystem OP-TEE Msg SMC call Static Trusted App OP-TEE driver
  33. 33. OP-TEE: Linux Kernel Subsystem Client App Generic TEE API (ioctl) TEE Client API Client App Normal World tee- supplicant User KernelTEE subsystem OP-TEE driver ● TEE subsystem: ○ Manages Shared Memory, ○ Provides generic API as ioctl. ● tee-supplicant: ○ Helper process for TEE. ● OP-TEE driver: ○ Forwards command from the Clients to OP-TEE, ○ Manages RPC requests from OP- TEE to the supplicant. For more details, please read optee_design.md at GitHub. OP-TEE Msg SMC call
  34. 34. OP-TEE: Managing Trusted Apps Dynamic Trusted App OP-TEE Trusted OS TEE Internal APIs Secure World Dynamic Trusted App User KernelStatic Trusted App ● Trusted Apps: ○ Static: run in kernel mode, ○ Dynamic: run in user mode: ■ Stored in File System, ■ Loaded by OP-TEE ● Using tee_supplicant. ● MMU L1 Translation tables: ○ Large: 4GiB for OP-TEE kernel, ○ Small tables: 32MiB: ■ TA Virtual Memory, ■ One per thread. OP-TEE Msg SMC call
  35. 35. OP-TEE: Communication & Scheduling Dynamic Trusted App OP-TEE Trusted OS TEE Internal APIs Dynamic Trusted App User KernelStatic Trusted App ● Entry into secure world from SMC (or FIQ arriving). ● Command arriving → Allocated to thread (if available), TA context set up and called; ○ If supplicant needed, RPC is started and thread suspended. ● Return to normal world on task completion, RPC (or IRQ arriving). Secure World OP-TEE Msg SMC call
  36. 36. OP-TEE: Trusted Storage Normal World Secure World tee- supplicant Trusted App TEE driver RPC call Linux File System ● Implements GP Trusted Storage PersistentObject functions. ● TEE File System encrypts data: ○ Secure Storage Key (per device), ○ File Encryption Key (per file). ● Data stored in Linux File System ○ Managed by tee_supplicant. For more details, please read secure_storage.md at GitHub. Trusted Storage API TEE File Ops Interface TEE File System REE File Ops Interface Key manager RPMB Coming Soon! Replay Protected Memory Block
  37. 37. OP-TEE: Paging ● OP-TEE uses ~256KiB RAM for kernel memory: ○ SRAM is normally somewhere between 64-256KiB. ● Running in TrustZone protected DRAM is one option, ○ But may prefer SRAM for security and performance reasons. ● OP-TEE’s pager supports on-demand paging of read-only parts using virtual memory: ○ DRAM is used as backing store, ○ Each page integrity-protected using SHA-256 hash. For more details, please read optee_design.md at GitHub.
  38. 38. OP-TEE: Cryptographic Libraries ● Default cryptographic software library in OP-TEE is LibTomCrypt. ● TEE Cryptographic Operations API makes it easier to add support for other cryptographic engines (both software and hardware). ○ The system calls use a struct crypto_ops which assigns function pointers to the actual implementations. ● Some algorithms may be disabled at compile time if they are not needed, in order to reduce the size of the OP-TEE image and reduce its memory usage. For more details, please read crypto.md at GitHub.
  39. 39. OP-TEE: What’s Next? ● Ongoing: ○ Upstream OP-TEE’s Linux kernel driver, ○ Enhance Secure Storage: ■ Block-based, roll-back handling, address performance issues, ○ Replay Protected Memory Block (RPMB): ■ Tiny (~128KiB) block in eMMC for data storage, ○ GP Test Suite v1.1 Support ● Planned: ○ GlobalPlatform Trusted UI v1.1, ○ Paged Trusted Application.
  40. 40. Outline ● Trusted Execution and GlobalPlatform TEE Specifications ● ARM TrustZone® ● OP-TEE ● Trusted Boot ● Getting Started with OP-TEE
  41. 41. Hardware Platform Flash Bootloader Trusted Boot ROM SoC Bootloader Secure OS BootNormal World Bootloader Normal World OS System Running Reset Starts with trusted bootloader in ROM. Each component must authenticate the next stage. Public Key for the root of trust programmed into OTP on-chip memory.
  42. 42. ARM Trusted Firmware ● An open-source reference implementation of firmware for ARMv8 Platforms, providing trusted boot and runtime services. ● Provided as part of Linaro ARM Platforms releases for Juno and ARM FVP (Fixed Virtual Platform) models. ● OP-TEE is compatible with ARM Trusted Firmware: ○ OP-TEE dispatcher officially merged in ARM-TF, ○ Currently a fork due to lack of support for parsing OP-TEE header in ARM-TF. ● OP-TEE team works with ARM to ensure everything is working! ○ IRQ / FIQ model for OP-TEE and ARM-TF was designed together.
  43. 43. Outline ● Trusted Execution and GlobalPlatform TEE Specifications ● ARM TrustZone® ● OP-TEE ● Trusted Boot ● Getting Started with OP-TEE ● Further Information
  44. 44. Getting Started with OP-TEE and $ sudo apt-get install android-tools-fastboot autoconf bison cscope curl flex gdisk libc6:i386 libfdt-dev libglib2.0-dev libpixman-1-dev libstdc++6:i386 libz1:i386 netcat python-crypto python-serial uuid-dev xz-utils zlib1g-dev $ sudo apt-get install ccache $ mkdir -p $HOME/devel/optee $ cd $HOME/devel/optee $ repo init -u https://github.com/OP-TEE/manifest.git -m default.xml $ repo sync $ cd $HOME/devel/optee/build $ make toolchains $ make all run Fetch the Prerequisites Fetch the Repos Build and run! For more details, please read README at GitHub
  45. 45. Getting Started: Running OP-TEE Type: c on QEMU command line
  46. 46. Type: modprobe optee_armtz tee-supplicant& on serial console command line
  47. 47. Type: xtest on serial console command line
  48. 48. OP-TEE Test suite (xtest) is running!
  49. 49. The End Questions?
  50. 50. Further Information ● GlobalPlatform TEE Specifications ● ARM Trusted Base System Architecture ● OP-TEE ● ARM Trusted Firmware
  51. 51. GlobalPlatform TEE Specifications 1. TEE Systems Architecture v1.0 – explains the hardware and software architectures behind the TEE. December 2011. 2. TEE Client API Specification v1.0 – enables communication between applications running in a Rich OS and trusted applications residing in the TEE. July 2010. 3. TEE Internal Core API Specification v1.1 – enables trusted applications within a TEE to perform the general operations of a security application, such as cryptography, secure storage, communication and general tasks, such as timekeeping and memory management. June 2014. [1.0 in December 2011]. 4. TEE Secure Element API Specification v1.1 – allows trusted applications to directly communicate with a SE, rather than through a client application. July 2015. 5. TEE Sockets API Specification v1.0 – specifies standards to enable trusted applications to directly make use of internet protocol interfaces, rather than send packets to a client application for internet transfer. June 2015 6. Trusted User Interface API Specification v1.0 – allows a trusted application to securely display text and graphics, and ask the user to perform an action ranging from navigation to entry of an associated PIN- or Password-backed ID. June 2013. 7. TEE TA Debug Specification v1.0 – enables the debugging of GlobalPlatform compliant TEEs. February 2014. 8. TEE Protection Profile v1.2 – facilitates the Common Criteria evaluation of TEEs. November 2014. See: http://www.globalplatform.org/specificationsdevice.asp
  52. 52. ARM Trusted Base System Architecture ● ARM Document RM DEN0007 ○ Available under NDA from ARM ● Describes the requirements for a Trusted ARM SoC: ○ To meet OMTP and Global Platform “Boundary 1” specifications ○ Covers: CPU, Caches, Interrupt Control, Debug, On-chip Boot ROM, Trusted RAM, Interconnect, Non- volatile memory, Watchdog timers, Clock source, Random number generator entropy source, User input, Power management, Boot Process CPUs must be at least Level 1 Standard Configuration, including TrustZone extensions… Cache accesses from one world must not be able to read, write or modify a line from a different world… The interrupt controller must support at least eight non-secure Software Generated Interrupts and eight secure SGIs… Trusted Base System must always boot from On- chip Boot ROM… Trusted RAM area for use by the Trusted OS and Applications, minimum size…
  53. 53. OP-TEE on GitHub ● In GitHub: See https://github.com/OP-TEE ● README at https://github.com/OP-TEE/optee_os/blob/master/README.md ● Documentation at: https://github.com/OP-TEE/optee_os/tree/master/documentation ● Mail the team at: mailto:op-tee@linaro.org
  54. 54. Presentations on OP-TEE (1/2) LCU14-103: How to create and run Trusted Applications on OP-TEE https://www.youtube.com/watch?v=6fmwhqrOmpc (Video) http://www.slideshare.net/linaroorg/lcu14103-how-to-create-and-run-trusted-applications-on-optee?related=4 (Slides) LCU14:107: OP-TEE on ARMv8 http://www.slideshare.net/linaroorg/lcu14-107-optee-on-ar-mv8?related=5 (Slides) LCU14-302: OP-TEE Porting and Future Enhancements https://www.youtube.com/watch?v=QgaGJow7hws (Video) http://www.slideshare.net/linaroorg/lcu14-302-how-to-port-optee-to-another-platform?related=3 (Slides Porting) http://www.slideshare.net/linaroorg/lcu14-306-optee-future-enhancements?related=2 (Slides: Future Enhancements) HKG15-303: Secure Playback Using OP-TEE https://www.youtube.com/watch?v=WJS5ygNGaO8 (Video) HKG15-307: OP-TEE paging https://www.youtube.com/watch?v=hCYjlBPxEbY (Video) http://www.slideshare.net/linaroorg/hkg15307-optee-paging (Slides)
  55. 55. Presentations on OP-TEE (2/2) HKG15-311: OP-TEE for Beginners and Porting Review https://www.youtube.com/watch?v=Fksx4-bpHRY (Video) http://www.slideshare.net/linaroorg/hkg15311-optee-for-beginners-and-porting-review (Slides) HKG15-505: Power Management Interactions with OP-TEE and Trusted Firmware https://www.youtube.com/watch?v=hQ2ITjHZY4s (Video) http://www.slideshare.net/linaroorg/hkg15-505-power-management-interactions-with-optee-repaired (Slides) SFO15-200: Linux kernel generic TEE driver https://www.youtube.com/watch?v=BhLndLUQamM (Video) http://www.slideshare.net/linaroorg/sfo15200-linux-kernel-generic-tee-driver (Slides) SFO15-205: OP-TEE Content with Microsoft PlayReady on ARM TrustZone https://www.youtube.com/watch?v=defbtpsw6h8 (Video) http://www.slideshare.net/linaroorg/sfo15205-optee-content-decryption-with-microsoft-playready-on-arm-53111683 (Slides) SFO15-503 Secure Storage in OP-TEE https://www.youtube.com/watch?v=pChEdObYLRM (Video) http://www.slideshare.net/linaroorg/sfo15503-secure-storage-in-optee?related=1 (Slides)
  56. 56. ARM Trusted Firmware User Guide on GitHub: https://github.com/ARM-software/arm-trusted-firmware/blob/master/docs/user-guide.md LCU13 An Introduction to ARM Trusted Firmware https://www.youtube.com/watch?v=q32BEMMxmfw (Video) http://www.slideshare.net/linaroorg/arm-trusted-firmareforarmv8alcu13 (Slides) LCU13: ARM Trusted Firmware Deep Dive http://www.slideshare.net/linaroorg/trusted-firmware-deepdivev10 (Slides) LCU14-500: ARM Trusted Firmware Roadmap and Progress https://www.youtube.com/watch?v=je0_-yYgKdc (Video) http://www.slideshare.net/linaroorg/lcu14-500-arm-trusted-firmware (Slides) LCA14-102: Adopting ARM Trusted Firmware https://www.youtube.com/watch?v=h98jBQrxxKg (Video) http://www.slideshare.net/linaroorg/lca14-102-adoptingarmtrustedfirmware (Slides) HKG15-502: ARM Trusted Firmware Evolution https://www.youtube.com/watch?v=l2Mv-R9lMPs (Video) http://www.slideshare.net/linaroorg/hkg15502-arm-trusted-firmware-evolution (Slides) SFO15-101: Security requirements on ARM v8-A boot architecture https://www.youtube.com/watch?v=q5nF9tSrak4 (Video) http://www.slideshare.net/linaroorg/sfo15101-security-requirements-on-armv8a-boot-architecture (Slides)
  • RobbieCao1

    Dec. 17, 2020
  • VinodSathyaseelan

    Nov. 7, 2019
  • CharlesLee267

    Aug. 19, 2019
  • SimonZhou13

    Aug. 5, 2019
  • NagababuViswanadhapa

    Feb. 28, 2019
  • bayernarena

    Feb. 9, 2019
  • AndyYin5

    Nov. 27, 2018
  • TERRANCEHUANG2

    Jul. 9, 2018
  • daltoncezane

    Jun. 21, 2018
  • jeffwhw

    May. 3, 2018
  • RabendraPatel

    Jan. 31, 2018
  • saikishore14

    Dec. 10, 2017
  • YangLi39

    Oct. 18, 2017
  • AlexanderDemyankov

    Sep. 21, 2017
  • ssuser90bc20

    Aug. 15, 2017
  • mailsunda

    May. 7, 2017
  • RexChan17

    Mar. 15, 2017
  • ssuser08ce58

    Mar. 9, 2017
  • jessecheng4

    Dec. 1, 2016
  • ebilyfeng

    Aug. 19, 2016

Smart connected devices such as mobile phones, tablets and Digital TVs are required to handle data with strong security and confidentiality requirements. A “Trusted Execution Environment” (TEE) provides an environment for processing data securely, protected from normal platform applications. This talk is intended as an introduction to Trusted Execution, and the open-source Trusted Execution Environment OP-TEE in particular. It introduces the GlobalPlatform TEE Specifications, explains how Trusted Execution is implemented by ARM TrustZone and OP-TEE, and outlines how trusted boot software manages the secure boot of an ARM platform. Finally, it gives some pointers on how to get started with OP-TEE.

Vues

Nombre de vues

9 428

Sur Slideshare

0

À partir des intégrations

0

Nombre d'intégrations

903

Actions

Téléchargements

583

Partages

0

Commentaires

0

Mentions J'aime

24

×