Lcu14 107- op-tee on ar mv8
-
Upload
linaro -
Category
Technology
-
view
991 -
download
7
description
Transcript of Lcu14 107- op-tee on ar mv8
![Page 1: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/1.jpg)
LCU14 BURLINGAME
Jens Wiklander, LCU14
LCU14-107: OP-TEE on ARMv8
![Page 2: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/2.jpg)
OP-TEE OverviewOP-TEE is an Open Source TEE and is the result of collaboration work between STMicroelectronics and Linaro (Security Working Group).
It contains the complete stack from normal world client API's (optee_client), the Linux kernel TEE driver (optee_linuxdriver) and the Trusted OS and the secure monitor (optee_os).
![Page 3: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/3.jpg)
OP-TEE is an Open Source TEE and is the result of collaboration work between STMicroelectronics and Linaro (Security Working Group).
It contains the complete stack from normal world client API's (optee_client), the Linux kernel TEE driver (optee_linuxdriver) and the Trusted OS and the secure monitor (optee_os).
OP-TEE Overview
![Page 4: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/4.jpg)
● ARMv8-A comes with ARM Trusted Firmware (ATF)
● ATF runs at EL3 and is in charge of● Trusted Boot● Power State Coordination Interface (PSCI)● Secure Monitor Calls (SMC) Calling Convention
● OP-TEE OS runs at Secure EL1 (S-EL1) and need to cooperate with ATF
ARM Trusted Firmware
![Page 5: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/5.jpg)
![Page 6: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/6.jpg)
● The secure monitor runs at EL3 and need to be located within ATF
● A secure monitor in ATF is called a Dispatcher
● The Dispatcher is responsible to act as a Secure Monitor and interface with the Trusted OS running at S-EL1
● There is already one Dispatcher in ATF, Test Secure Payload Dispatcher (TSPD)
● To interface with OP-TEE OS we need a new Dispatcher, OP-TEE Dispatcher (OPTEED)
Secure Monitor
![Page 7: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/7.jpg)
● OPTEED works in principle like TSPD but● handles SMCs specific to OP-TEE● handles FIQ and IRQ routing specific to OP-TEE● starts OP-TEE OS in Aarch32
● The dispatcher is transparent to normal world● No dispatcher specific changes in the OP-TEE Linux Driver
OP-TEE Dispatcher
![Page 8: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/8.jpg)
● OP-TEE OS runs in AArch32 mode to minimize the initial effort to port to ARMv8-A
● The internal Secure Monitor is replaced with an interface to work with the OP-TEE Dispatcher in ARM Trusted Firmware
OP-TEE OS
![Page 9: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/9.jpg)
● Ported to AArch64 since normal world is running in AArch64 mode
● Linux driver is limited to SMC32 (as defined by ARM SMC Calling Convention) calls since OP-TEE OS is still in Aarch32
OP-TEE Client and Linux Driver
![Page 10: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/10.jpg)
● OP-TEE source available at http://github.com/OP-TEE
● ATF source available at https://github.com/ARM-software/arm-trusted-firmware
● If the OP-TEE dispatcher has not been merged yet, it can be found in pull request: https://github.com/ARM-software/arm-trusted-firmware/pull/188
Source code
![Page 11: Lcu14 107- op-tee on ar mv8](https://reader033.fdocuments.us/reader033/viewer/2022052600/557b2d9ad8b42a4e048b5471/html5/thumbnails/11.jpg)
More about Linaro Connect: connect.linaro.org Linaro members: www.linaro.org/membersMore about Linaro: www.linaro.org/about/