Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
1 
ARM Trusted Firmware 
LCA14 – March 2014 
Andrew Thoelke 
Systems & Software, ARM
ARM Trusted Firmware for 64-bit ARMv8-A 
A refresher 
 Standardized EL3 Runtime Firmware 
 Reducing porting and integrat...
ARM Trusted Firmware for 64-bit ARMv8-A 
A refresher 
 Reference boot flows 
 Open Source at GitHub 
 We just released ...
4 
What’s happened since last time? 
https://www.github.com/ARM-Software/arm-trusted-firmware
Juno 
ARM Trusted Firmware on ARMv8-A silicon 
5 
PWR 
ON 
Incremental copy from 
AP Trusted RAM to 
SCP Trusted RAM 
Trus...
Trusted OS and TEE 
Support for 3rd party Trusted OS/TEE 
 Support for secure interrupts and 
secure DDR RAM 
 OP-TEED p...
Production Platforms 
ARM Trusted Firmware running on partners’ ARMv8-A silicon 
 Alternative boot flows supported 
 Imp...
Shrinking firmware 
The evolution of ARM Trusted Firmware’s memory footprint* 
8 
64KB ROM RAM 
64 128 192 256KB 
https://...
Next time in ARM Trusted Firmware… 
 ARM is planning to have contributed 
 What else shows up depends on you 
9 
 A ref...
10 
https://www.github.com/ARM-Software/arm-trusted-firmware 
Thank you
Upcoming SlideShare
Loading in …5
×

LCU14 500 ARM Trusted Firmware

9,467 views

Published on

LCU14 500 ARM Trusted Firmware
---------------------------------------------------
Speaker: Andrew Thoelke
Date: September 19, 2014
---------------------------------------------------
★ Resources ★
Zerista: http://lcu14.zerista.com/event/member/137787
Google Event: https://plus.google.com/u/0/events/c6cbh0rr2488ls6bkogvi4ggcic
Video: https://www.youtube.com/watch?v=je0_-yYgKdc&list=UUIVqQKxCyQLJS6xvSmfndLA
Etherpad: http://pad.linaro.org/p/lcu14-500
---------------------------------------------------
★ Event Details ★
Linaro Connect USA - #LCU14
September 15-19th, 2014
Hyatt Regency San Francisco Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org

Published in: Software
  • Be the first to comment

LCU14 500 ARM Trusted Firmware

  1. 1. 1 ARM Trusted Firmware LCA14 – March 2014 Andrew Thoelke Systems & Software, ARM
  2. 2. ARM Trusted Firmware for 64-bit ARMv8-A A refresher  Standardized EL3 Runtime Firmware  Reducing porting and integration work  Reusable, reference implementations  Running on ARMv8-A FVPs and Juno 2  For all 64-bit ARMv8-A systems  For SoC and Trusted OS developers  PSCI  SMC Calling Convention  Configuration of ARM hardware  … and on partner’s silicon Normal World OS EL1/EL2 ARM Trusted Firmware EL3 SoC/platform port TOS library https://www.github.com/ARM-Software/arm-trusted-firmware Trusted App Secure-EL0 Trusted OS Secure-EL1 TOS specific protocol and mechanism Trusted OS Dispatcher App EL0 TOS driver TOS specific protocol via SMC via ioctl Porting interface between Trusted Firmware and SoC/ platform Interface between Trusted Firmware and Trusted OS Dispatcher ARM Trusted Firmware Trusted OS supplier SoC supplier OS/hypervisor supplier Trusted App supplier Internal TOS interface
  3. 3. ARM Trusted Firmware for 64-bit ARMv8-A A refresher  Reference boot flows  Open Source at GitHub  We just released v1.0 3  For 64-bit ARMv8-A systems  BSD License  Contributors welcome  A reason to celebrate? Trusted World Normal World Trusted OS Kernel BL31 EL3 Runtime Firmware BL2 Trusted Boot Firmware BL30 SCP Runtime Firmware System & Power Control SMCCC https://www.github.com/ARM-Software/arm-trusted-firmware BL33 Non-Trusted Firmware (e.g. U-Boot, EDK2) Key SCP Execution EL3 Execution Secure-EL1 Execution EL2 Execution BL1 AP Boot ROM BL32 Secure-EL1 Payload BL0 SCP Boot ROM Platform Boot Initialization Trusted Board Boot Trusted Board Boot PSCI World Switch Library S-EL1 Payload Dispatch SCP Application Processor (AP) 2nd level Boot Loader (BL2) loads all 3rd level images 1st level Boot Loader (BL1) loads 2nd level image Loading RESET RESET
  4. 4. 4 What’s happened since last time? https://www.github.com/ARM-Software/arm-trusted-firmware
  5. 5. Juno ARM Trusted Firmware on ARMv8-A silicon 5 PWR ON Incremental copy from AP Trusted RAM to SCP Trusted RAM Trusted Boot Firmware Explicit API Usage BL2 https://www.github.com/ARM-Software/arm-trusted-firmware  Juno port upstream  Complete PSCI implementation  Application processor firmware is all open for updating by developers  Still to come:  More secure RAM for Trusted OS porting and development  Authentication of firmware images during boot Secure-EL1 Execution EL1/EL2 Execution SCP Boot ROM SCP Runtime Firmware AP Boot ROM SCP Boot ROM EL3 Runtime Firmware Non-Trusted Firmware SCP Trusted ROM SCP Trusted RAM AP Trusted ROM AP Trusted RAM (on chip) Trusted RAM (on or off chip) Non-Trusted RAM SCP Runtime Firmware Waiting PWR ON Linux Kernel External Hand-Off API Internal Hand-Off API Implicit API Usage Key EL3 Execution Component loading other Component SCP Execution BL0 BL0 BL1 BL30 BL30 BL31 BL33 Secure-EL1 Payload BL32 Running EL3 Runtime Firmware BL31 Waiting Running Running (optional) Running Waiting Trusted Boot Firmware BL2 Trusted/Non-Trusted Boundary SCP/AP Boundary via SMC in BL1 No Execution Detailed boot flow on Juno
  6. 6. Trusted OS and TEE Support for 3rd party Trusted OS/TEE  Support for secure interrupts and secure DDR RAM  OP-TEED patches merged this week 6  Supporting different Trusted OS memory and interrupt requirements  Thank you Jens!  OP-TEE now running on ARMv8-A FVP models – all code upstream Normal World OS EL1/EL2 Trusted App Secure-EL0 OP-TEE protocol and mechanism TEE Client API OP-TEE client OS/hypervisor supplier Trusted App supplier Global Platforms spec. https://www.github.com/ARM-Software/arm-trusted-firmware  Still wanted:  OP-TEE running on ARMv8-A silicon  Dispatchers for other OSS Trusted OSes ARM Trusted Firmware github.com/OP-TEE SoC supplier Internal OP-TEE interface ARM Trusted Firmware EL3 SoC/platform port OP-TEE OS Secure-EL1 OP-TEE Dispatcher (OPTEED) App EL0 OP-TEE Linux driver OP-TEE protocol via SMC via ioctl TEE Internal API Porting interface between Trusted Firmware and SoC/ platform
  7. 7. Production Platforms ARM Trusted Firmware running on partners’ ARMv8-A silicon  Alternative boot flows supported  Improved debugging of firmware errors  Easy selection of 32/64-bit execution 7  Reuse of existing secure boot loaders  Reset to RAM firmware  Stable boot flow interfaces  Crash reporting for fatal errors and unexpected exceptions  Register width for Trusted OS  Exception Level and register width for normal world software  Platforms with wide I/O addresses  “Follow the manual” CPU specific code  For correct hardware operation  Still to come  Performance and scalability investigation and improvements  Even more boot flow flexibility – Enterprise and Networking scenarios  Improving integration for SoC suppliers, Trusted OS suppliers and OEMs https://www.github.com/ARM-Software/arm-trusted-firmware
  8. 8. Shrinking firmware The evolution of ARM Trusted Firmware’s memory footprint* 8 64KB ROM RAM 64 128 192 256KB https://www.github.com/ARM-Software/arm-trusted-firmware 24 16 12 44 20 12 64 36 28 108 96 56 68 52 28 8 4 4 v0.3 v0.4 v1.0 BL1 BL2 BL3-1 BL3-2 292KB 208KB 128KB† * Memory usage of code and data for a release build of ARM Trusted Firmware for FVP including the TSP † In v1.0 the peak memory usage is even lower as some of the firmware images are overlayed in the same memory during the course of booting the platform
  9. 9. Next time in ARM Trusted Firmware…  ARM is planning to have contributed  What else shows up depends on you 9  A reference implementation of Trusted Board Boot, up to the non-secure firmware  Support for PSCI v1.0 – a specification update is in progress  Tell us what’s broken  Tell us what’s missing  Send us your improvements … new contributions are always welcome https://www.github.com/ARM-Software/arm-trusted-firmware
  10. 10. 10 https://www.github.com/ARM-Software/arm-trusted-firmware Thank you

×