ARM TrustZone

ARM TrustZone

refer to :

http://www.arm.com/zh/products/processors/technologies/trustzone/index.php

From http://trustkernel.org/zh-hans/

TrustZone是ARMv6版本开始加入到ARM处理器的安全硬件特性，包括ARM11以及CortexA系列处理器（Contex-A8,Cortex-A9, Cortex-A15等）都具有该特性。利用ARMTrustZone特性可以在一个ARM处理器中同时运行一个安全的操作系统和一个普通的操作系统，这两个系统之间互相隔离运行，同时安全的操作系统具有 更多的权限，可以管理如防护普通操作系统免受攻击等作用。ARMTrustZone处理器分为普通世界和安全世界，普通世界运行着普通的操作系统（如Android）而安全世界运行着安全的操作系统，这两个世界间通过
硬件级别进行隔离。

TrustZone是一个全系统级别的安全架构，除了处理器模式外，内存和外设之间也能够做到安全隔离，保证在普通世界中的程序无法访问安全内存与安全外 设等。利用TrustZone机制可以在安全世界中实现可信执行环境（TrustedExecution Environment），为普通世界中的操作系统提供如安全支付、DRM、安全存储等安全功能。

通过smc指令，进入这个mode来进入security world(state)

Detailed

ARM® TrustZone® technology is asystem-wide approach to security for a wide array of client and servercomputing platforms, including handsets, tablets, wearable devices andenterprise systems. Applications enabled by the technology are
extremely variedbut include payment protection technology, digital rights management, BYOD, anda host of secured enterprise solutions.

TrustZone technology is tightly integrated into Cortex®-Aprocessors but the secure state is also extended throughout the system via theAMBA® AXI™ bus and specific TrustZone System IP blocks.This system approach means that
it is possible to secure peripherals such assecure memory, crypto blocks, keyboard and screen to ensure they can beprotected from software attack.

Devices developed with TrustZone technology, according to therecommendations of the Trusted Base System Architecture specification, enablesthe delivery of platforms capable of supporting a full

Trusted Execution Environment (TEE) and security awareapplications and secure services, or Trusted Applications (TA). A TrustedExecution Environment is a small secure kernel, and normally developed withstandard APIs, developed to the TEE specification evolved
by the GlobalPlatform industry forum .

TrustZone enables the development of separate Rich Operating System andTrusted Execution Environments by creating additional operating modes to theNormal domain, known as the Secure domain and the Monitor mode. The Securedomain has the same capabilities
to the normal domain while operating in aseparate memory space. The Secure Monitor acts as a virtual gatekeepercontrolling migration between the domains.

Application Examples

Secured PIN entry for enhanced user authentication in mobile payments & banking

Protection against trojans, phishing and APT (Advanced Persistent Threats)
Enable deployment and consumption of high-value media (DRM)
BYOD (Bring your own device) device persons and application separation
Software license management
Loyalty-based applications
Access control of cloud-based documents
e-Ticketing Mobile TV

· TrustZone的实际应用

· 1. 手机本身的高安全性，比如隐私不泄露

· 2. 安全支付

· 3. 数字版权管理DRM

· 4. 基于Web的服务安全

以Marvell64-bit PXAxx平台举例，安全启动的大致流程。启动最初由单独安全芯片开始引导，APcore最初以EL3运行TEEARM TrustZone bootloader和TZ的核心管理模块Monitor；并由Monitor去加载TZ的主程序（OS，TEEruntime F/W，TrustAppplicaitons），其中这些程序运行在EL1模式下，程序都是预置的，无法修改；以上都启动完后再开始常规的系统系统，比如spl，uboot，kernel，一般除了bootloader运行在EL2下，其他程序都在EL1下运行；接着运行根文件系统ramdisk和application，运行在EL0

SR:关于switch到EL3的权限问题的思考：

SMC #0 ，难道是什么程序都可以切换到EL3的吗？我指的是权限问题。SR：我的理解是，Trustzone空间的程序TA都是预先做好的，即编译时烧录并安全加载的，意味着TA的binary本身没有问题，并且运行环境安全，并且TA也会对CA传过来的一些信息做必要的验证(信息的签名机制)。所以，切换到EL3并不需要做什么权限管控，这不像是陷入内核那样需要管控各个system call。

SR：但是想想有不对，难道手机的TEE service（TA）永远不被更新吗？当然不是，是可扩展的，但是安装过程依然是需要安全校验的。