LCA14: LCA14-102: Adopting ARM Trusted Firmware
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

LCA14: LCA14-102: Adopting ARM Trusted Firmware

on

  • 777 views

Resource: LCA14

Resource: LCA14
Name: LCA14-102: Adopting ARM Trusted Firmware
Date: 03-03-2014
Speaker: Andrew Thoelke
Video: https://www.youtube.com/watch?v=h98jBQrxxKg

Statistics

Views

Total Views
777
Views on SlideShare
777
Embed Views
0

Actions

Likes
1
Downloads
34
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

LCA14: LCA14-102: Adopting ARM Trusted Firmware Presentation Transcript

  • 1. 1 Adopting ARM Trusted Firmware LCA14 – March 2014 AndrewThoelke Systems & Software, ARM
  • 2. 2 https://www.github.com/ARM-Software/arm-trusted-firmware  Standardized EL3 Runtime Firmware  For All 64-bit ARMv8-A systems  Reducing porting and integration work  For SoC andTrusted OS developers  Reusable, reference implementations  PSCI  SMC Calling Convention  Configuration of ARM hardware  Running on ARMv8-A FVP models  And now running on silicon ARM Trusted Firmware for 64-bit ARMv8-A A recap ARM Trusted Firmware EL3 SoC/platform port Normal World OS EL1/EL2 Trusted OS Secure-EL1 Trusted OS Dispatcher TOSspecific protocoland mechanism Trusted App Secure-EL0 App EL0 TOS driver TOS library TOSspecificprotocolviaSM C viaioctl Porting interface between Trusted Firmware and SoC/ platform Interface between Trusted Firmware and Trusted OS Dispatcher ARM Trusted Firmware Trusted OS supplier SoC supplier OS/hypervisor supplier Trusted App supplier Internal TOS interface
  • 3. 3 https://www.github.com/ARM-Software/arm-trusted-firmware  Reference boot flows  For 64-bit ARMv8-A systems  Open Source at GitHub  BSD License  Contributors welcome  Still to come…  Authenticated boot  Authenticated Firmware update  Firmware test suite  PSCI Conformance tests ARM Trusted Firmware for 64-bit ARMv8-A A recap EL3 Runtime Firmware - BL31 SMC Interface SMC Dispatcher Other SMC Calls Interrupt Handler Secure Monitor PSCI Power Control Driver EL3 Arch Context Save/Restore Normal World Trusted World Interface Usage External Interface EL1 Execution Secure EL1 Execution EL2 Execution KeyGlossary BL - Boot Loader EDK2 - EFI Development Kit 2 EL - Exception Level NV - Non-Volatile PSCI - Power State Control Interface SMC - Secure Monitor Call UEFI - Unified Enhanced Firmware Interface EL3 Execution Potential Interface Non-secure firmware - BL33 (EDK2, U-Boot) Secure Boot I/O Drivers Boot ROM - BL1 Trusted Board Boot 1 Trusted Boot Firmware - BL2 Trusted Board Boot 2 Cold/Warm Boot Detection NV Storage Driver Boot Time Arch + Platform Init Temp SMC Handler Boot Time Arch + Platform Init Test Secure EL1 Payload - BL32 PSCI Test Service Router Other Test S-EL1 Arch Context Save/Restore Interrupt Handler Runtime Arch + Platform Init Test Suite - BL33_ALT PSCI Tests EL1 Arch Context Save/Restore EL2 Arch Context Save/Restore Other Tests Interrupt Handler Runtime Arch + Platform InitException Trapper BL33 BL33 (Alternative) BL32 BL2 BL1 BL31 RESET 2nd level Boot Loader (BL2) loads all 3rd level images 1st level Boot Loader (BL1) loads 2nd level image To Hypervisor / Linux Kernel
  • 4. 4 https://www.github.com/ARM-Software/arm-trusted-firmware  So ARM Trusted Firmware provides some great benefits:  Support for ARM standards like SMC Calling Convention and PSCI  Easier firmware integration by separation of SoC andTrusted OS software  Reducing the complexity of porting Monitor code to AArch64  Licensing that lets you use just the code you want with no obligation to publish what you have done  …but using this software also raises some concerns  Some are valid, and need to be addressed  Many are based on misconceptions or misunderstandings  Maybe it is time for … Adopting ARM Trusted Firmware
  • 5. 5 https://www.github.com/ARM-Software/arm-trusted-firmware Busting ARM Trusted Firmware Myths
  • 6. 6 https://www.github.com/ARM-Software/arm-trusted-firmware Myth: ARM Trusted Firmware only works with UEFI  So…  I won’t use it as I am using U-Boot  I can’t afford to switch to UEFI right now  UEFI is just wrong for my product
  • 7. 7 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I won’t use it as I am using U-Boot  I can’t afford to switch to UEFI right now  UEFI is just wrong for my product  Reality  Trusted Firmware is designed to work with ANY non-secure firmware/software  e.g. U-Boot, UEFI, a test suite  Tianocore EDK2 is the UEFI firmware that ARM is testing with ARM Trusted Firmware Myth: ARM Trusted Firmware only works with UEFI Reality: ARMTrusted Firmware works with any non-secure firmware/software EL3 Runtime Firmware - BL31 SMC Interface SMC Dispatcher Other SMC Calls Interrupt Handler Secure Monitor PSCI Power Control Driver EL3 Arch Context Save/Restore Normal World Trusted World Interface Usage External Interface EL1 Execution Secure EL1 Execution EL2 Execution KeyGlossary BL - Boot Loader EDK2 - EFI Development Kit 2 EL - Exception Level NV - Non-Volatile PSCI - Power State Control Interface SMC - Secure Monitor Call UEFI - Unified Enhanced Firmware Interface EL3 Execution Potential Interface Non-secure firmware - BL33 (EDK2, U-Boot) Secure Boot I/O Drivers Boot ROM - BL1 Trusted Board Boot 1 Trusted Boot Firmware - BL2 Trusted Board Boot 2 Cold/Warm Boot Detection NV Storage Driver Boot Time Arch + Platform Init Temp SMC Handler Boot Time Arch + Platform Init Test Secure EL1 Payload - BL32 PSCI Test Service Router Other Test S-EL1 Arch Context Save/Restore Interrupt Handler Runtime Arch + Platform Init Test Suite - BL33_ALT PSCI Tests EL1 Arch Context Save/Restore EL2 Arch Context Save/Restore Other Tests Interrupt Handler Runtime Arch + Platform InitException Trapper BL32 BL2 BL1 BL31 To Hypervisor / Linux Kernel
  • 8. 8 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I can’t use it for a product that doesn't have aTrusted OS  It will be too big for a product that doesn't need a Trusted OS Myth: ARM Trusted Firmware requires a Trusted OS
  • 9. 9 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I can’t use it for a product that doesn't have aTrusted OS  It will be too big for a product that doesn't need a Trusted OS  Reality  Trusted Firmware can be built without a Trusted OS or Secure Monitor  the default is to exclude it  and needs less RAM  Trusted Firmware still provides benefits without aTrusted OS Myth: ARM Trusted Firmware requires a Trusted OS Reality: ARMTrusted Firmware builds without a Trusted OS by default ARM Trusted Firmware EL3 AArch64 SoC/platform port Normal World EL1/EL2 AArch64/AArch32 PSCI core framework No Secure Monitor PSCI Implementation ARM Trusted Firmware Normal World Software Platform Software Trusted World Software
  • 10. 10 https://www.github.com/ARM-Software/arm-trusted-firmware  So...  I can’t run anyTrusted OS  It can't work with myTrusted OS Myth: ARM Trusted Firmware doesn’t have a Secure Monitor
  • 11. 11 https://www.github.com/ARM-Software/arm-trusted-firmware  So...  I can’t run anyTrusted OS  It can't work with myTrusted OS  Reality  There is an example Secure Monitor that works with theTest Secure-EL1 Payload  Trusted Firmware provides a framework to build a Monitor specific to eachTrusted OS  We'd like to help if your requirements are not yet supported  More examples would make this easier  Linaro SWG is planning to do this Myth: ARM Trusted Firmware doesn’t have a Secure Monitor Reality: ARMTrusted Firmware provides an example Secure Monitor ARM Trusted Firmware EL3 SoC/platform port ARM Trusted Firmware Test Suite EL1/EL2 Test Secure-EL1 Payload (TSP) Secure-EL1 Test Secure-EL1 Payload Dispatcher (TSPD) ARMTFTest specificprotocol andmechanism ARM Trusted Firm wareTest specificprotocolviaSM C World-switch support library PSCI core framework Secure Monitor PSCI Implementation ARM Trusted Firmware ARM Trusted Firmware Test Suite SoC supplier Internal ARM Trusted Firmware Test interface
  • 12. 12 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I can't use my own one  I don't need to buy one  Doesn’t this undermine your partners?  Is this allowed? Myth: ARM Trusted Firmware includes a Trusted OS
  • 13. 13 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I can't use my own one  I don't need to buy one  Doesn’t this undermine ARM partners?  Is this allowed?  Reality  ARM is not implementing aTrusted OS  Trusted Firmware provides test code that runs in place of aTrusted OS  Trusted OS providers do need to write a piece of code that allows their OS to work with ARM Trusted Firmware Myth: ARM Trusted Firmware includes a Trusted OS Reality: ARM is not implementing a Trusted OS ARM Trusted Firmware EL3 SoC/platform port ARM Trusted Firmware Test Suite EL1/EL2 Test Secure-EL1 Payload (TSP) Secure-EL1 Test Secure-EL1 Payload Dispatcher (TSPD) ARMTFTest specificprotocol andmechanism ARM Trusted Firm wareTest specificprotocolviaSM C World-switch support library PSCI core framework Secure Monitor PSCI Implementation ARM Trusted Firmware ARM Trusted Firmware Test Suite SoC supplier Internal ARM Trusted Firmware Test interface
  • 14. 14 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I have to port myTrusted OS to AArch64  I can’t run a 32-bit OS or hypervisor  It won’t work on ARMv7-A Myth: ARM Trusted Firmware only supports AArch64
  • 15. 15 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I have to port myTrusted OS to AArch64  I can’t run a 32-bit OS or hypervisor  It won’t work on ARMv7-A  Reality  Initial products will use a 32-bitTrusted OS  an example Secure Monitor would help  Will support AArch32 non-secure software  but not in upstream code yet  There are no barriers to portingTrusted Firmware to ARMv7-A  This depends on development priorities Myth: ARM Trusted Firmware only supports AArch64 Reality: ARMTrusted Firmware is prioritising AArch64 without excluding Arch32 ARM Trusted Firmware Normal World Software Platform Software Trusted World Software ARM Trusted Firmware EL3 AArch64 SoC/platform port Normal World EL1/EL2 AArch64/AArch32 Secure-EL1 Payload (SP) Secure-EL1 AArch64/AArch32 Secure-EL1 Payload Dispatcher (SPD) World-switch support library PSCI core framework Secure Monitor PSCI Implementation Secure-EL1Payload specificinterface viaSecureM onitorCall(SM C)
  • 16. 16 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  It will be buggy, bloated and/or incomplete  I have to write my own firmware anyway Myth: ARM Trusted Firmware isn't ready for products
  • 17. 17 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  It will be buggy, bloated and/or incomplete  I have to write my own firmware anyway  Reality  It is being use by partnersTODAY  It's open source, of course  take what you want, fix what you need  Hardening and fitness for use are priorities for the EL3 Runtime Firmware in v0.4  We are continually improving the firmware and welcome feedback and contributions Myth: ARM Trusted Firmware isn't ready for products Reality: ARMTrusted Firmware is in use today and product readiness is a priority for v0.4 EL3 Runtime Firmware - BL31 SMC Interface SMC Dispatcher Other SMC Calls Interrupt Handler Secure Monitor PSCI Power Control Driver EL3 Arch Context Save/Restore Normal World Trusted World Interface Usage External Interface EL1 Execution Secure EL1 Execution EL2 Execution KeyGlossary BL - Boot Loader EDK2 - EFI Development Kit 2 EL - Exception Level NV - Non-Volatile PSCI - Power State Control Interface SMC - Secure Monitor Call UEFI - Unified Enhanced Firmware Interface EL3 Execution Potential Interface Non-secure firmware - BL33 (U-Boot, EDK2) Secure Boot I/O Drivers Boot ROM - BL1 Trusted Board Boot 1 Trusted Boot Firmware - BL2 Trusted Board Boot 2 Cold/Warm Boot Detection NV Storage Driver Boot Time Arch + Platform Init Temp SMC Handler Boot Time Arch + Platform Init Test Secure EL1 Payload - BL32 PSCI Test Service Router Other Test S-EL1 Arch Context Save/Restore Interrupt Handler Runtime Arch + Platform Init Test Suite - BL33_ALT PSCI Tests EL1 Arch Context Save/Restore EL2 Arch Context Save/Restore Other Tests Interrupt Handler Runtime Arch + Platform InitException Trapper Not Yet in v0.3 Partially in v0.3
  • 18. 18 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I can’t use it asTrusted Boot isn’t ready  I can’t use my existingTrusted Boot code Myth: ARM Trusted Firmware requires using its Trusted Boot
  • 19. 19 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I can’t use it asTrusted Boot isn’t ready  I can’t use my existingTrusted Boot code  Reality  Partners are usingTrusted Firmware with their ownTrusted Boot code TODAY  The EL3 Runtime Firmware provides significant benefits on its own  This component will have a stable interface forTrusted Boot components Myth: ARM Trusted Firmware requires using its Trusted Boot Reality: ARMTrusted Firmware can work with any Trusted Boot solution EL3 Runtime Firmware - BL31 SMC Interface SMC Dispatcher Other SMC Calls Interrupt Handler Secure Monitor PSCI Power Control Driver EL3 Arch Context Save/Restore Normal World Trusted World Interface Usage External Interface EL1 Execution Secure EL1 Execution EL2 Execution KeyGlossary BL - Boot Loader EDK2 - EFI Development Kit 2 EL - Exception Level NV - Non-Volatile PSCI - Power State Control Interface SMC - Secure Monitor Call UEFI - Unified Enhanced Firmware Interface EL3 Execution Potential Interface Non-secure firmware - BL33 (EDK2, U-Boot) Secure Boot I/O Drivers Boot ROM - BL1 Trusted Board Boot 1 Trusted Boot Firmware - BL2 Trusted Board Boot 2 Cold/Warm Boot Detection NV Storage Driver Boot Time Arch + Platform Init Temp SMC Handler Boot Time Arch + Platform Init Test Secure EL1 Payload - BL32 PSCI Test Service Router Other Test S-EL1 Arch Context Save/Restore Interrupt Handler Runtime Arch + Platform Init Test Suite - BL33_ALT PSCI Tests EL1 Arch Context Save/Restore EL2 Arch Context Save/Restore Other Tests Interrupt Handler Runtime Arch + Platform InitException Trapper BL33 BL33 (Alternative) BL32 BL2 BL1 BL31 To Hypervisor / Linux Kernel
  • 20. 20 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I can’t use it for my Server SoC  I can’t use it for my Client SoC  It doesn’t work with a SCP/BMC Myth: ARM Trusted Firmware is not for my kind of SoC
  • 21. 21 https://www.github.com/ARM-Software/arm-trusted-firmware  So…  I can’t use it for my Server SoC  I can’t use it for my Client SoC  It doesn’t work with a SCP/BMC  Reality  Trusted Firmware is focussed on ARMv8-A  Upstream examples need a platform to run  the Base FVPs came first  other examples will follow  Trusted Boot flow with a control/ management processor is different, but not incompatible with ARM Trusted Firmware Myth: ARM Trusted Firmware is for my kind of SoC Reality: ARMTrusted Firmware is focussed on ARMv8-A Base Platform Cortex-A53,A57 ARMv8 Dual Cluster big.LITTLE Power Management OpenGLES Foundation Platform ARMv8 AEM
  • 22. 22 https://www.github.com/ARM-Software/arm-trusted-firmware ARM Trusted Firmware Reality Check ARM Trusted Firmware Myths  Only works with UEFI  Requires aTrusted OS  No Secure Monitor  Includes a Trusted OS  Only supports AArch64  Isn’t ready  Requires ARM’sTrusted Boot code  Not for Client/Network/Server SoCs
  • 23. 23 https://www.github.com/ARM-Software/arm-trusted-firmware ARM Trusted Firmware Reality Check ARM Trusted Firmware Myths  Only works with UEFI  Requires aTrusted OS  No Secure Monitor  Includes a Trusted OS  Only supports AArch64  Isn’t ready  Requires ARM’sTrusted Boot code  Not for Client/Network/Server SoCs ARM Trusted Firmware Reality  Works with any non-secure firmware  Trusted OS is optional  Example Monitor code included  Not aTrusted OS  AArch32 examples coming later  Is ready enough  Works with other Trusted Boot code  Designed for all ARMv8-A SoCs
  • 24. 24 ARM Trusted Firmware is for every ARMv8-A system … but doesn’t yet cover every configuration … so please get involved …and help us fill the gaps https://www.github.com/ARM-Software/arm-trusted-firmware Adopt ARM Trusted Firmware
  • 25. 25 https://www.github.com/ARM-Software/arm-trusted-firmware Thank you