Introduction to OP-TEE (26 May 2016)

This introduces the Linaro OP-TEE project in the context of the Automotive Grade Linux distribution. This TEE is today considered a potential key element for providing security enforcement in the scope of software OTA updates for the AGL distribution.

This brief slide set was presented during the AGL Face to Face Technical Meeting, 25 – 27 May 2016, Vannes, France.

Published in: Engineering


  1. Introduction to OP-TEE, 25 May 2016
  2. OP-TEE
     ● OP-TEE
       ● Open-source Portable Trusted Execution Environment,
       ● Implements the Global Platform API on top of ARM TrustZone,
       ● Initiated by ST in 2007, then handled by Linaro (sources on GitHub).
     ● Architecture
       ● Security by isolated execution, introducing two contexts:
         – Rich Execution Environment (normal world),
         – Trusted Execution Environment (secure world).
       ● A software part handles context switches:
         – “secure monitor” (ARMv7) or “ARM Trusted Firmware” (ARMv8).
       ● Both worlds communicate through:
         – Sequences of messages (ioctl()),
         – Shared memory.
  3. ARM TrustZone hardware isolation
     ● Principle
       ● The SoC memory mapping / peripheral visibility can be configured for both worlds,
       ● CPU contexts, core exception levels,
       ● Depends on the SoC design; sometimes the BootROM uses this internally.
     Credit: http://genode.org/documentation/articles/trustzone
  4. OP-TEE Software architecture (diagram)
  5. OP-TEE
     ● OP-TEE OS characteristics
       ● Sequential execution of commands from the Client App, no re-entrance,
       ● Checks inputs (commands/data) received from the REE,
       ● Strong isolation of TAs, stack protections, task creation on each TA entry point,
       ● Uses the Secure-RAM HW capability.
     ● Secured applications
       ● Two binary blobs:
         – User space program (normal world),
         – TA: Trusted Application (secure world).
       ● TAs are signed and identified by a UUID,
       ● TA integrity is checked by the trusted OS before execution.
     ● OS design
       ● Client library (libteec.so),
       ● Kernel driver (optee.ko),
       ● Trusted OS (bare-metal C code).
  6. Global Platform
     ● Features
       ● Protected storage,
       ● SW isolation,
       ● Device integrity.
     ● TEE Core API specifies
       ● Trusted Core Framework API,
       ● Trusted Storage API for data and keys,
       ● Cryptographic Operation API,
       ● Time API,
       ● Arithmetical API.
     ● TEE Client API
     ● Others
       ● Access Control, UI API.
     ● Specifications are accessible at https://www.globalplatform.org/
  7. Dynamic view (diagram)
  8. Typical boot sequence (diagram): BootROM, then 1st stage Bootloader, then 2nd stage Bootloader, then Linux.
  9. Boot sequence (diagram): the same chain with the Secure Monitor / ARM TF and OP-TEE OS added, steps numbered 1 to 5 and run in secure mode; legend: “Load, Verify integrity”, “Execute”.
  10. Data vs. peripherals isolation (diagram): Secure World and Normal World columns carrying the labels BootROM, Bootloader, OP-TEE OS, Linux Kernel, Linux RootFS, RAM, Flash SPI, eMMC, SPI.
  11. Data storage
     ● Secure storage
       ● Using the Normal world rootfs + cryptography,
       ● Using the eMMC RPMB (Jedec-84 A) partition.
     ● A storage usage policy may be defined
       ● With regard to distro packages & SW architecture.
     ● Installation strategy to perform the update
       ● Single vs. dual copy updates,
       ● Recovery mode, rollback, persistence,
       ● SW update package format,
       ● ...
  12. Status
     ● Integration in Yocto/AGL
       ● Layer enabling a QEMU machine with OP-TEE OS + sample apps: https://github.com/iotbzh/meta-optee
     ● Open points
       ● Security API commonly available in Intel TXT & ARM, architecture that can enforce SOTA,
       ● Key management,
       ● Update package format, generation from Yocto.
  13. References
     External links:
       ● http://fr.slideshare.net/linaroorg/hkg15311-optee-for-beginners-and-porting-review
       ● http://fr.slideshare.net/linaroorg/lcu14-302-how-to-port-optee-to-another-platform
     Sources repositories:
       ● https://github.com/OP-TEE/
       ● https://github.com/OP-TEE/optee_os/tree/master/documentation
       ● https://github.com/ARM-software/arm-trusted-firmware
