SlideShare a Scribd company logo

LCU13: An Introduction to ARM Trusted Firmware

Linaro, profile picture
Linaro

The document provides an overview of the Arm Trusted Firmware for Armv8-A, detailing its role as a reference implementation of secure software and emphasizing the need for standardization across various platforms. It discusses challenges such as rewriting firmware, integrating multiple software components, and the importance of a standardized interface for power management and system operations. The document also highlights the collaborative nature of the project, which is intended to facilitate easier integration and foster community development through an open-source model.

Technology
1 of 26
Downloaded 1,016 times
1
2
3
Most read
4
5
6
7
8
9
10
11
12
Most read
13
14
15
16
17
18
19
20
21
Most read
22
23
24
25
26
1 ARM Trusted Firmware for ARMv8-A LCU13 – 28th October 2013 Andrew Thoelke
2 ARM Trusted Firmware  Reference implementation of secure world software for ARMv8-A, including Exception Level 3 (EL3) software.  Various ARM interface standards  Power State Coordination Interface (PSCI)  Trusted Board Boot Requirements (TBBR)  Secure Monitor code  Designed for porting to other implementations  Continue collaborative development as an Open Source project licensed under BSD https://github.com/ARM-software/arm-trusted-firmware
3 ARM Trusted Firmware  Firmware on ARM SoCs  Why now, why ARMv8-A?  ARM Trusted Firmware overview  Where are we now and what’s next
4 ARM Trusted Firmware  Firmware on ARM SoCs  Why now, why ARMv8-A?  ARM Trusted Firmware overview  Where are we now and what’s next
5 A quick primer on ARM architecture How Linux would like to think it is running on ARM ARMv6 ARM SoC svc usr Non-Secure AppAppApp AppAppApp OS OS
6 A quick primer on ARM architecture Now that we have KVM/Xen on ARMv7 it looks like this ARMv7 ARM SoC hyp svc usr Non-Secure AppAppApp AppAppApp OS OS Hypervisor
7 A quick primer on ARM architecture But that is forgetting the software in secure execution states Effectively opaque to OS/hypervisor: it looks like firmware ARMv7 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor
8 Who writes the software? Operating System code from multiple vendors needs to be integrated … ARMv7 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor Windows Linux Android QNX
9 Who writes the software? … with hypervisor code from multiple virtualisation vendors which needs to be integrated … ARMv7 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor Hyper-V Xen, KVM, VMware …
10 Who writes the software? … with secure software from multiple vendors to create each product ARMv7 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor OEMs Silicon providers Trusted OS vendors
11 Firmware is fragmented … with secure software from multiple vendors to create each product ARMv7 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor OEMs Silicon providers Trusted OS vendors  Today in ARM products the secure firmware code is tightly integrated  Resulting in distinct software integration effort for each SoC/TOS/OS combination  OEM provides additional secure requirements…
12 Introduce ARMv8-A ARMv8-A introduces a new set of AArch64 execution states The same software integration is needed AArch32 AArch64 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor EL2 EL1 EL0EL0 Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp EL3 Secure Monitor EL1 Trusted OS Secure Firmware ROM Firmware Secure Firmware
13 ARM Trusted Firmware  Firmware on ARM SoCs  Why now, why ARMv8-A?  ARM Trusted Firmware overview  Where are we now and what’s next
14 Challenge #1: Rewriting the Firmware  To use AArch64, EL3 must be AArch64  AArch64 demands a different approach in the Secure Monitor  EL1 (operating system) processor state must saved and restored by the Secure Monitor software  Separation of the Trusted OS at Secure-EL1 from the Secure Monitor at EL3 requires a redesign of the interaction between the Trusted OS and Monitor  Everyone writing secure privileged code has some substantial work to do – it’s not just a port of ARM assembler code to A64 instructions  How much of this code is common?
15 Challenge #2: A Need to Standardize  A single kernel image has to work on all platforms – including the ones that have not been created yet  Particularly for Enterprise systems  This demands that interaction with the hardware platform is standardized around specified peripheral and firmware interfaces  ARM has been creating some of these standards to make this possible:  SMC Calling Convention – to enable standard and vendor specific firmware services to coexist  PSCI – a firmware interface for CPU power control  Working to define support for ARM systems in existing standards such as UEFI and ACPI  How many implementations of the standards do we need?  Is there a reference implementation?
16 SMC Calling Convention  Defines a standard calling convention Secure Monitor Calls in ARMv7 and ARMv8-A:  Register use for parameters and return values, use of immediate  Defines a partitioning of function ID space to allow multiple vendors to coexist in secure firmware  OEMs, SiPs and Trusted OS vendors  Providing number of services e.g.  Standard firmware services (e.g. power management)  Trusted OS  Errata management  Spec available from ARM infocenter:  http://infocenter.arm.com/help/topic/com.arm.doc.den0028a/index.html
17 S-EL1 Power State Coordination Interface  Defines a standard interface for making power management requests across exception levels/operating systems  Supports virtualisation and a communications with between normal and secure world  Allows secure firmware to arbitrate power management requests from secure and non- secure software  Default method for power control in Linux AArch64 kernel EL2 EL3 EL1 Secure Platform FW Trusted OS Rich OS kernel Hypervisor Add/Remove cores Secondary boot Idle Shutdown Reset  Spec available today in ARM infocenter:  http://infocenter.arm.com/help/topic/com.arm.doc.den0022b/index.html
18 Challenge #3: Dealing with bugs  Working around hardware errata involves firmware  may require setting secure processor state during boot  may require runtime access to secure processor registers during OS execution – is the firmware call standard across SoCs?  Errata do not always show up before a product is released  can the firmware be updated?  Secure firmware isn’t exempt from defects either  Some firmware functionality is common across SoCs – multiple implementations provides multiple opportunities for defects
19 Taking the Opportunity  Reduce duplicated effort by standardizing on a single implementation framework for EL3 software for ARMv8-A  Provide reference implementations and test suites for standard interfaces and firmware behaviour  Provide reference secure initialisation code, including errata handling, for ARM CPUs and system peripherals  A suitably designed, portable implementation will allow easier integration of the various pieces of secure software  A demonstration of a multi-stage authenticated boot flow will encourage the use of updatable firmware in products  The diversity of integration needs is best met by an open collaboration
20 ARM Trusted Firmware  Firmware on ARM SoCs  Why now, why ARMv8-A?  ARM Trusted Firmware overview  Where are we now and what’s next
21 ARM Trusted Firmware Architecture EL3 Firmware - BL31 (Secure Monitor) SMC Interface Service Router Other EL3 Interfaces Interrupt Handler World Switcher PSCI Pwr Ctrl Driver EL3 Arch Context Save/Restore Normal World Trusted World Interface Usage External Interface EL1 Execution Secure EL1 Execution EL2 Execution KeyGlossary BL - Boot Loader EDK2 - EFI Development Kit 2 EL - Exception Level NV - Non-Volatile PSCI - Power State Control Interface SMC - Secure Monitor Call UEFI - Unified Enhanced Firmware Interface EL3 Execution Potential Interface UEFI - BL33 UEFI Secure Boot EDK2 Core I/O Drivers Boot ROM - BL1 Trusted Board Boot 1 Trusted Boot Firmware - BL2 Trusted Board Boot 2 Cold/Warm Boot Detection NV Storage Driver Boot Time Arch + Platform Init Temp SMC Handler Boot Time Arch + Platform Init Test Trusted OS - BL32 PSCI Test Service Router TOS Interface S-EL1 Arch Context Save/Restore Interrupt Handler Runtime Arch + Platform Init Test Suite – BL33_ALT PSCI Tests EL1 Arch Context Save/Restore EL2 Arch Context Save/Restore Other Tests Interrupt Handler Runtime Arch + Platform InitException Trapper
22 EL3 Firmware - BL31 (Secure Monitor) SMC Interface Service Router Other EL3 Interfaces Interrupt Handler World Switcher PSCI Pwr Ctrl Driver EL3 Arch Context Save/Restore Normal World Trusted World Interface Usage External Interface EL1 Execution Secure EL1 Execution EL2 Execution KeyGlossary BL - Boot Loader EDK2 - EFI Development Kit 2 EL - Exception Level NV - Non-Volatile PSCI - Power State Control Interface SMC - Secure Monitor Call UEFI - Unified Enhanced Firmware Interface EL3 Execution Potential Interface UEFI - BL33 UEFI Secure Boot EDK2 Core I/O Drivers Boot ROM - BL1 Trusted Board Boot 1 Trusted Boot Firmware - BL2 Trusted Board Boot 2 Cold/Warm Boot Detection NV Storage Driver Boot Time Arch + Platform Init Temp SMC Handler Boot Time Arch + Platform Init Test Trusted OS - BL32 PSCI Test Service Router TOS Interface S-EL1 Arch Context Save/Restore Interrupt Handler Runtime Arch + Platform Init Test Suite – BL33_ALT PSCI Tests EL1 Arch Context Save/Restore EL2 Arch Context Save/Restore Other Tests Interrupt Handler Runtime Arch + Platform InitException Trapper ARM Trusted Firmware version 0.2 Not Available Yet Partially Available
23 ARM Trusted Firmware  Firmware on ARM SoCs  Why now, why ARMv8-A?  ARM Trusted Firmware overview  Where are we now and what’s next
24 Firmware Availability  Binary delivery in Sep’13 Linaro AArch64 OpenEmbedded release  FVP Base models only (AEMv8 and Cortex A57/A53)  PSCI v0.2: CPU_ON/OFF support, for MP boot and Linux CPU hotplug  GICv3 configuration (AEMv8 model) for OS driver development  UEFI used as normal world bootloader  Source code published 25th October 2013 under BSD license  https://github.com/ARM-software/arm-trusted-firmware  November 2013 updates  PSCI v0.2: CPU_SUSPEND for Linux CPU idle  Foundation_v8 (new 2013 model) support  Future  Complete implementation of the PSCI specification  Secure memory, Secure monitor, Test Trusted OS & Secure interrupts  Booting the firmware from a block device
25 ARM Trusted Firmware project  The current release (v0.2) is an first implementation  Limited functionality; not yet optimized; not yet hardened  ARM to continue development in collaboration with interested parties to benefit all developers working with ARMv8-A TrustZone software  Please Provide Feedback
26 ARM Trusted Firmware at LCU13  Thursday 11am – 1pm, GT America 2  Deep Dive into ARM Trusted Firmware  Technical tour through the design and implementation  In the meantime…  Find us at Connect:  Andrew Thoelke, Dan Handley, Charles Garcia-Tobin Jason Parker, Vincent Korstanje  Code:  https://github.com/ARM-software/arm-trusted-firmware  Feedback:  via the GitHub issue tracker or through your ARM representative

More Related Content

PDF
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Linaro
 
PDF
ACPI Debugging from Linux Kernel
SUSE Labs Taipei
 
PPTX
Computer architecture
Burhan Ahmed
 
PDF
Trusted firmware deep_dive_v1.0_
Linaro
 
PDF
Design and Concepts of Android Graphics
National Cheng Kung University
 
PPTX
SATA Introduction
Gene Chang
 
PPTX
Arm: Enabling CXL devices within the Data Center with Arm Solutions
Memory Fabric Forum
 
PPTX
Boot process
Salman Memon
 
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Linaro
 
ACPI Debugging from Linux Kernel
SUSE Labs Taipei
 
Computer architecture
Burhan Ahmed
 
Trusted firmware deep_dive_v1.0_
Linaro
 
Design and Concepts of Android Graphics
National Cheng Kung University
 
SATA Introduction
Gene Chang
 
Arm: Enabling CXL devices within the Data Center with Arm Solutions
Memory Fabric Forum
 
Boot process
Salman Memon
 

What's hot (20)

PDF
LCU14 500 ARM Trusted Firmware
Linaro
 
PDF
LAS16-402: ARM Trusted Firmware – from Enterprise to Embedded
Linaro
 
PDF
HKG15-505: Power Management interactions with OP-TEE and Trusted Firmware
Linaro
 
PDF
Uboot startup sequence
Houcheng Lin
 
PPTX
Trusted Platform Module (TPM)
k33a
 
ODP
Introduction to Optee (26 may 2016)
Yannick Gicquel
 
PDF
BUD17-400: Secure Data Path with OPTEE
Linaro
 
PDF
Lcu14 107- op-tee on ar mv8
Linaro
 
PDF
TEE - kernel support is now upstream. What this means for open source security
Linaro
 
PDF
LCA14: LCA14-502: The way to a generic TrustZone® solution
Linaro
 
PPT
Pcie drivers basics
Venkatesh Malla
 
PPTX
Bootloaders (U-Boot)
Omkar Rane
 
PDF
SFO15-TR9: PSCI, ACPI (and UEFI to boot)
Linaro
 
PDF
Introduction to Modern U-Boot
GlobalLogic Ukraine
 
PDF
Board Bringup
Anil Kumar Pugalia
 
PDF
Lcu14 306 - OP-TEE Future Enhancements
Linaro
 
PDF
LCU14 302- How to port OP-TEE to another platform
Linaro
 
PDF
HKG18-402 - Build secure key management services in OP-TEE
Linaro
 
PDF
LCU14-103: How to create and run Trusted Applications on OP-TEE
Linaro
 
PDF
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
Linaro
 
LCU14 500 ARM Trusted Firmware
Linaro
 
LAS16-402: ARM Trusted Firmware – from Enterprise to Embedded
Linaro
 
HKG15-505: Power Management interactions with OP-TEE and Trusted Firmware
Linaro
 
Uboot startup sequence
Houcheng Lin
 
Trusted Platform Module (TPM)
k33a
 
Introduction to Optee (26 may 2016)
Yannick Gicquel
 
BUD17-400: Secure Data Path with OPTEE
Linaro
 
Lcu14 107- op-tee on ar mv8
Linaro
 
TEE - kernel support is now upstream. What this means for open source security
Linaro
 
LCA14: LCA14-502: The way to a generic TrustZone® solution
Linaro
 
Pcie drivers basics
Venkatesh Malla
 
Bootloaders (U-Boot)
Omkar Rane
 
SFO15-TR9: PSCI, ACPI (and UEFI to boot)
Linaro
 
Introduction to Modern U-Boot
GlobalLogic Ukraine
 
Board Bringup
Anil Kumar Pugalia
 
Lcu14 306 - OP-TEE Future Enhancements
Linaro
 
LCU14 302- How to port OP-TEE to another platform
Linaro
 
HKG18-402 - Build secure key management services in OP-TEE
Linaro
 
LCU14-103: How to create and run Trusted Applications on OP-TEE
Linaro
 
LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3
Linaro
 
Ad

Similar to LCU13: An Introduction to ARM Trusted Firmware (20)

PPT
Slimline Open Firmware
Heiko Joerg Schick
 
PDF
Building PoC ready ODM Platforms with Arm SystemReady v5.2.pdf
Paul Yang
 
PPTX
LAS16-203: Platform security architecture for embedded devices
Linaro
 
PDF
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SAN19-118
Wei Fu
 
PDF
Provisioning the IoT
Sander Mak (@Sander_Mak)
 
PDF
ARM Processor Tutorial
Embeddedcraft Craft
 
PDF
Q4.11: ARM Technology Update Plenary
Linaro
 
PDF
AAME ARM Techcon2013 003v02 Software Development
Anh Dung NGUYEN
 
PDF
Linux firmware for iRMC controller on Fujitsu Primergy servers
Vladimir Shakhov
 
PDF
Q2.12: Power Management Across OSs
Linaro
 
PPTX
Chapter_01_See_Program_Running.pptx
WaleedAbdullah2k19EE
 
DOCX
08680982.pdfArchitectures for Security A comparative anal.docx
croftsshanon
 
PDF
HKG15-505: Power Management interactions with OP-TEE and Trusted Firmware
Linaro
 
PDF
HKG18-317 - Arm Server Ready Program
Linaro
 
PDF
BKK16-309A Open Platform support in UEFI
Linaro
 
PDF
Bkk16 309B Enterprise Firmware - The gold standard and how to get there
Linaro
 
PPTX
microprocessors and ARM Assembly Language
JoelAttati
 
PPTX
Chapter_01_See_Program_Running Yifeng Zhu
AbdulKhaliq763972
 
PPT
Agnostic Device Drivers
Heiko Joerg Schick
 
PPTX
Enhancement of ARINC 653 for Multi-core Hardware.pptx
Abrar Hafiz
 
Slimline Open Firmware
Heiko Joerg Schick
 
Building PoC ready ODM Platforms with Arm SystemReady v5.2.pdf
Paul Yang
 
LAS16-203: Platform security architecture for embedded devices
Linaro
 
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SAN19-118
Wei Fu
 
Provisioning the IoT
Sander Mak (@Sander_Mak)
 
ARM Processor Tutorial
Embeddedcraft Craft
 
Q4.11: ARM Technology Update Plenary
Linaro
 
AAME ARM Techcon2013 003v02 Software Development
Anh Dung NGUYEN
 
Linux firmware for iRMC controller on Fujitsu Primergy servers
Vladimir Shakhov
 
Q2.12: Power Management Across OSs
Linaro
 
Chapter_01_See_Program_Running.pptx
WaleedAbdullah2k19EE
 
08680982.pdfArchitectures for Security A comparative anal.docx
croftsshanon
 
HKG15-505: Power Management interactions with OP-TEE and Trusted Firmware
Linaro
 
HKG18-317 - Arm Server Ready Program
Linaro
 
BKK16-309A Open Platform support in UEFI
Linaro
 
Bkk16 309B Enterprise Firmware - The gold standard and how to get there
Linaro
 
microprocessors and ARM Assembly Language
JoelAttati
 
Chapter_01_See_Program_Running Yifeng Zhu
AbdulKhaliq763972
 
Agnostic Device Drivers
Heiko Joerg Schick
 
Enhancement of ARINC 653 for Multi-core Hardware.pptx
Abrar Hafiz
 
Ad

More from Linaro (20)

PDF
Deep Learning Neural Network Acceleration at the Edge - Andrea Gallo
Linaro
 
PDF
Arm Architecture HPC Workshop Santa Clara 2018 - Kanta Vekaria
Linaro
 
PDF
Huawei’s requirements for the ARM based HPC solution readiness - Joshua Mora
Linaro
 
PDF
Bud17 113: distribution ci using qemu and open qa
Linaro
 
PDF
OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018
Linaro
 
PDF
HPC network stack on ARM - Linaro HPC Workshop 2018
Linaro
 
PDF
It just keeps getting better - SUSE enablement for Arm - Linaro HPC Workshop ...
Linaro
 
PDF
Intelligent Interconnect Architecture to Enable Next Generation HPC - Linaro ...
Linaro
 
PDF
Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Sant...
Linaro
 
PDF
Andrew J Younge - Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Su...
Linaro
 
PDF
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
Linaro
 
PDF
HKG18-100K1 - George Grey: Opening Keynote
Linaro
 
PDF
HKG18-318 - OpenAMP Workshop
Linaro
 
PDF
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
Linaro
 
PDF
HKG18-315 - Why the ecosystem is a wonderful thing, warts and all
Linaro
 
PDF
HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor
Linaro
 
PDF
HKG18-TR08 - Upstreaming SVE in QEMU
Linaro
 
PDF
HKG18-113- Secure Data Path work with i.MX8M
Linaro
 
PPTX
HKG18-120 - Devicetree Schema Documentation and Validation
Linaro
 
PPTX
HKG18-223 - Trusted FirmwareM: Trusted boot
Linaro
 
Deep Learning Neural Network Acceleration at the Edge - Andrea Gallo
Linaro
 
Arm Architecture HPC Workshop Santa Clara 2018 - Kanta Vekaria
Linaro
 
Huawei’s requirements for the ARM based HPC solution readiness - Joshua Mora
Linaro
 
Bud17 113: distribution ci using qemu and open qa
Linaro
 
OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018
Linaro
 
HPC network stack on ARM - Linaro HPC Workshop 2018
Linaro
 
It just keeps getting better - SUSE enablement for Arm - Linaro HPC Workshop ...
Linaro
 
Intelligent Interconnect Architecture to Enable Next Generation HPC - Linaro ...
Linaro
 
Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Sant...
Linaro
 
Andrew J Younge - Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Su...
Linaro
 
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
Linaro
 
HKG18-100K1 - George Grey: Opening Keynote
Linaro
 
HKG18-318 - OpenAMP Workshop
Linaro
 
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
Linaro
 
HKG18-315 - Why the ecosystem is a wonderful thing, warts and all
Linaro
 
HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor
Linaro
 
HKG18-TR08 - Upstreaming SVE in QEMU
Linaro
 
HKG18-113- Secure Data Path work with i.MX8M
Linaro
 
HKG18-120 - Devicetree Schema Documentation and Validation
Linaro
 
HKG18-223 - Trusted FirmwareM: Trusted boot
Linaro
 

Recently uploaded (20)

PDF
Doc9.....................................
SofiaCollazos
 
PDF
Advances in Ultra High Voltage (UHV) Transmission and Distribution Systems.pdf
Nabajyoti Banik
 
PDF
This slide provides an overview Technology
mineshkharadi333
 
PDF
REPORT: Heating appliances market in Poland 2024
SPIUG
 
PDF
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
PDF
Enable Enterprise-Ready Security on IBM i Systems.pdf
Precisely
 
PDF
Orbitly Pitch Deck|A Mission-Driven Platform for Side Project Collaboration (...
zz41354899
 
PDF
Revolutionize Operations with Intelligent IoT Monitoring and Control
Rejig Digital
 
PDF
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
PDF
Presentation about Hardware and Software in Computer
snehamodhawadiya
 
PDF
GYTPOL If You Give a Hacker a Host
linda296484
 
PDF
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
PDF
Event Presentation Google Cloud Next Extended 2025
minhtrietgect
 
PDF
SparkLabs Primer on Artificial Intelligence 2025
SparkLabs Group
 
PPTX
Comunidade Salesforce São Paulo - Desmistificando o Omnistudio (Vlocity)
Francisco Vieira Júnior
 
PDF
CIFDAQ's Teaching Thursday: Moving Averages Made Simple
CIFDAQ
 
PDF
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
PPTX
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
PDF
Building High-Performance Oracle Teams: Strategic Staffing for Database Manag...
SMACT Works
 
PDF
madgavkar20181017ppt McKinsey Presentation.pdf
georgschmitzdoerner
 
Doc9.....................................
SofiaCollazos
 
Advances in Ultra High Voltage (UHV) Transmission and Distribution Systems.pdf
Nabajyoti Banik
 
This slide provides an overview Technology
mineshkharadi333
 
REPORT: Heating appliances market in Poland 2024
SPIUG
 
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
Enable Enterprise-Ready Security on IBM i Systems.pdf
Precisely
 
Orbitly Pitch Deck|A Mission-Driven Platform for Side Project Collaboration (...
zz41354899
 
Revolutionize Operations with Intelligent IoT Monitoring and Control
Rejig Digital
 
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
Presentation about Hardware and Software in Computer
snehamodhawadiya
 
GYTPOL If You Give a Hacker a Host
linda296484
 
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
Event Presentation Google Cloud Next Extended 2025
minhtrietgect
 
SparkLabs Primer on Artificial Intelligence 2025
SparkLabs Group
 
Comunidade Salesforce São Paulo - Desmistificando o Omnistudio (Vlocity)
Francisco Vieira Júnior
 
CIFDAQ's Teaching Thursday: Moving Averages Made Simple
CIFDAQ
 
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
Building High-Performance Oracle Teams: Strategic Staffing for Database Manag...
SMACT Works
 
madgavkar20181017ppt McKinsey Presentation.pdf
georgschmitzdoerner
 

LCU13: An Introduction to ARM Trusted Firmware

  • 1. 1 ARM Trusted Firmware for ARMv8-A LCU13 – 28th October 2013 Andrew Thoelke
  • 2. 2 ARM Trusted Firmware  Reference implementation of secure world software for ARMv8-A, including Exception Level 3 (EL3) software.  Various ARM interface standards  Power State Coordination Interface (PSCI)  Trusted Board Boot Requirements (TBBR)  Secure Monitor code  Designed for porting to other implementations  Continue collaborative development as an Open Source project licensed under BSD https://github.com/ARM-software/arm-trusted-firmware
  • 3. 3 ARM Trusted Firmware  Firmware on ARM SoCs  Why now, why ARMv8-A?  ARM Trusted Firmware overview  Where are we now and what’s next
  • 4. 4 ARM Trusted Firmware  Firmware on ARM SoCs  Why now, why ARMv8-A?  ARM Trusted Firmware overview  Where are we now and what’s next
  • 5. 5 A quick primer on ARM architecture How Linux would like to think it is running on ARM ARMv6 ARM SoC svc usr Non-Secure AppAppApp AppAppApp OS OS
  • 6. 6 A quick primer on ARM architecture Now that we have KVM/Xen on ARMv7 it looks like this ARMv7 ARM SoC hyp svc usr Non-Secure AppAppApp AppAppApp OS OS Hypervisor
  • 7. 7 A quick primer on ARM architecture But that is forgetting the software in secure execution states Effectively opaque to OS/hypervisor: it looks like firmware ARMv7 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor
  • 8. 8 Who writes the software? Operating System code from multiple vendors needs to be integrated … ARMv7 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor Windows Linux Android QNX
  • 9. 9 Who writes the software? … with hypervisor code from multiple virtualisation vendors which needs to be integrated … ARMv7 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor Hyper-V Xen, KVM, VMware …
  • 10. 10 Who writes the software? … with secure software from multiple vendors to create each product ARMv7 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor OEMs Silicon providers Trusted OS vendors
  • 11. 11 Firmware is fragmented … with secure software from multiple vendors to create each product ARMv7 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor OEMs Silicon providers Trusted OS vendors  Today in ARM products the secure firmware code is tightly integrated  Resulting in distinct software integration effort for each SoC/TOS/OS combination  OEM provides additional secure requirements…
  • 12. 12 Introduce ARMv8-A ARMv8-A introduces a new set of AArch64 execution states The same software integration is needed AArch32 AArch64 ARM SoC hyp svc usrusr Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp svc mon Trusted OS Secure Firmware Secure Monitor EL2 EL1 EL0EL0 Non-Secure Secure AppAppApp AppAppApp OS OS Hypervisor AppAppApp EL3 Secure Monitor EL1 Trusted OS Secure Firmware ROM Firmware Secure Firmware
  • 13. 13 ARM Trusted Firmware  Firmware on ARM SoCs  Why now, why ARMv8-A?  ARM Trusted Firmware overview  Where are we now and what’s next
  • 14. 14 Challenge #1: Rewriting the Firmware  To use AArch64, EL3 must be AArch64  AArch64 demands a different approach in the Secure Monitor  EL1 (operating system) processor state must saved and restored by the Secure Monitor software  Separation of the Trusted OS at Secure-EL1 from the Secure Monitor at EL3 requires a redesign of the interaction between the Trusted OS and Monitor  Everyone writing secure privileged code has some substantial work to do – it’s not just a port of ARM assembler code to A64 instructions  How much of this code is common?
  • 15. 15 Challenge #2: A Need to Standardize  A single kernel image has to work on all platforms – including the ones that have not been created yet  Particularly for Enterprise systems  This demands that interaction with the hardware platform is standardized around specified peripheral and firmware interfaces  ARM has been creating some of these standards to make this possible:  SMC Calling Convention – to enable standard and vendor specific firmware services to coexist  PSCI – a firmware interface for CPU power control  Working to define support for ARM systems in existing standards such as UEFI and ACPI  How many implementations of the standards do we need?  Is there a reference implementation?
  • 16. 16 SMC Calling Convention  Defines a standard calling convention Secure Monitor Calls in ARMv7 and ARMv8-A:  Register use for parameters and return values, use of immediate  Defines a partitioning of function ID space to allow multiple vendors to coexist in secure firmware  OEMs, SiPs and Trusted OS vendors  Providing number of services e.g.  Standard firmware services (e.g. power management)  Trusted OS  Errata management  Spec available from ARM infocenter:  http://infocenter.arm.com/help/topic/com.arm.doc.den0028a/index.html
  • 17. 17 S-EL1 Power State Coordination Interface  Defines a standard interface for making power management requests across exception levels/operating systems  Supports virtualisation and a communications with between normal and secure world  Allows secure firmware to arbitrate power management requests from secure and non- secure software  Default method for power control in Linux AArch64 kernel EL2 EL3 EL1 Secure Platform FW Trusted OS Rich OS kernel Hypervisor Add/Remove cores Secondary boot Idle Shutdown Reset  Spec available today in ARM infocenter:  http://infocenter.arm.com/help/topic/com.arm.doc.den0022b/index.html
  • 18. 18 Challenge #3: Dealing with bugs  Working around hardware errata involves firmware  may require setting secure processor state during boot  may require runtime access to secure processor registers during OS execution – is the firmware call standard across SoCs?  Errata do not always show up before a product is released  can the firmware be updated?  Secure firmware isn’t exempt from defects either  Some firmware functionality is common across SoCs – multiple implementations provides multiple opportunities for defects
  • 19. 19 Taking the Opportunity  Reduce duplicated effort by standardizing on a single implementation framework for EL3 software for ARMv8-A  Provide reference implementations and test suites for standard interfaces and firmware behaviour  Provide reference secure initialisation code, including errata handling, for ARM CPUs and system peripherals  A suitably designed, portable implementation will allow easier integration of the various pieces of secure software  A demonstration of a multi-stage authenticated boot flow will encourage the use of updatable firmware in products  The diversity of integration needs is best met by an open collaboration
  • 20. 20 ARM Trusted Firmware  Firmware on ARM SoCs  Why now, why ARMv8-A?  ARM Trusted Firmware overview  Where are we now and what’s next
  • 21. 21 ARM Trusted Firmware Architecture EL3 Firmware - BL31 (Secure Monitor) SMC Interface Service Router Other EL3 Interfaces Interrupt Handler World Switcher PSCI Pwr Ctrl Driver EL3 Arch Context Save/Restore Normal World Trusted World Interface Usage External Interface EL1 Execution Secure EL1 Execution EL2 Execution KeyGlossary BL - Boot Loader EDK2 - EFI Development Kit 2 EL - Exception Level NV - Non-Volatile PSCI - Power State Control Interface SMC - Secure Monitor Call UEFI - Unified Enhanced Firmware Interface EL3 Execution Potential Interface UEFI - BL33 UEFI Secure Boot EDK2 Core I/O Drivers Boot ROM - BL1 Trusted Board Boot 1 Trusted Boot Firmware - BL2 Trusted Board Boot 2 Cold/Warm Boot Detection NV Storage Driver Boot Time Arch + Platform Init Temp SMC Handler Boot Time Arch + Platform Init Test Trusted OS - BL32 PSCI Test Service Router TOS Interface S-EL1 Arch Context Save/Restore Interrupt Handler Runtime Arch + Platform Init Test Suite – BL33_ALT PSCI Tests EL1 Arch Context Save/Restore EL2 Arch Context Save/Restore Other Tests Interrupt Handler Runtime Arch + Platform InitException Trapper
  • 22. 22 EL3 Firmware - BL31 (Secure Monitor) SMC Interface Service Router Other EL3 Interfaces Interrupt Handler World Switcher PSCI Pwr Ctrl Driver EL3 Arch Context Save/Restore Normal World Trusted World Interface Usage External Interface EL1 Execution Secure EL1 Execution EL2 Execution KeyGlossary BL - Boot Loader EDK2 - EFI Development Kit 2 EL - Exception Level NV - Non-Volatile PSCI - Power State Control Interface SMC - Secure Monitor Call UEFI - Unified Enhanced Firmware Interface EL3 Execution Potential Interface UEFI - BL33 UEFI Secure Boot EDK2 Core I/O Drivers Boot ROM - BL1 Trusted Board Boot 1 Trusted Boot Firmware - BL2 Trusted Board Boot 2 Cold/Warm Boot Detection NV Storage Driver Boot Time Arch + Platform Init Temp SMC Handler Boot Time Arch + Platform Init Test Trusted OS - BL32 PSCI Test Service Router TOS Interface S-EL1 Arch Context Save/Restore Interrupt Handler Runtime Arch + Platform Init Test Suite – BL33_ALT PSCI Tests EL1 Arch Context Save/Restore EL2 Arch Context Save/Restore Other Tests Interrupt Handler Runtime Arch + Platform InitException Trapper ARM Trusted Firmware version 0.2 Not Available Yet Partially Available
  • 23. 23 ARM Trusted Firmware  Firmware on ARM SoCs  Why now, why ARMv8-A?  ARM Trusted Firmware overview  Where are we now and what’s next
  • 24. 24 Firmware Availability  Binary delivery in Sep’13 Linaro AArch64 OpenEmbedded release  FVP Base models only (AEMv8 and Cortex A57/A53)  PSCI v0.2: CPU_ON/OFF support, for MP boot and Linux CPU hotplug  GICv3 configuration (AEMv8 model) for OS driver development  UEFI used as normal world bootloader  Source code published 25th October 2013 under BSD license  https://github.com/ARM-software/arm-trusted-firmware  November 2013 updates  PSCI v0.2: CPU_SUSPEND for Linux CPU idle  Foundation_v8 (new 2013 model) support  Future  Complete implementation of the PSCI specification  Secure memory, Secure monitor, Test Trusted OS & Secure interrupts  Booting the firmware from a block device
  • 25. 25 ARM Trusted Firmware project  The current release (v0.2) is an first implementation  Limited functionality; not yet optimized; not yet hardened  ARM to continue development in collaboration with interested parties to benefit all developers working with ARMv8-A TrustZone software  Please Provide Feedback
  • 26. 26 ARM Trusted Firmware at LCU13  Thursday 11am – 1pm, GT America 2  Deep Dive into ARM Trusted Firmware  Technical tour through the design and implementation  In the meantime…  Find us at Connect:  Andrew Thoelke, Dan Handley, Charles Garcia-Tobin Jason Parker, Vincent Korstanje  Code:  https://github.com/ARM-software/arm-trusted-firmware  Feedback:  via the GitHub issue tracker or through your ARM representative