HKG15-502: ARM Trusted Firmware Evolution
---------------------------------------------------
Speaker: Andrew Thoelke
Date: February 13, 2015
---------------------------------------------------
★ Session Summary ★
An update on ARM Trusted Firmware and PSCI.
Version 1.1 of ARM Trusted Firmware delivers an initial implementation of Trusted Board Boot and completes support for PSCI. At least, it does so for v0.2 of the PSCI specification – but there is a new version of PSCI. This session provides details on the new version of the standard and the latest ARM Trusted Firmware release.
--------------------------------------------------
★ Resources ★
Pathable: https://hkg15.pathable.com/meetings/250856
Video: http://people.linaro.org/linaro-connect/hkg15/Videos/02-13-Friday/170106%20HKG15%20502%20ARM%20Trusted%20Firmware%20Evolution.mp4
Etherpad: http://pad.linaro.org/p
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2015 - #HKG15
February 9-13th, 2015
Regal Airport Hotel Hong Kong Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
2. 2
Standardized EL3 Runtime Firmware
For all 64-bit ARMv8-A systems
Reducing porting and integration work
For SoC andTrusted OS developers
Reusable, reference implementations
Power State Coordination Interface (PSCI)
SMC Calling Convention
Configuration of ARM hardware
Running on ARMv8-A FVPs and Juno
… and nearly all new ARMv8-A platforms
ARM Trusted Firmware for 64-bit ARMv8-A
A refresher
ARM Trusted Firmware
EL3
SoC/platform port
Normal World OS
EL1/EL2
Trusted OS
Secure-EL1
Trusted OS Dispatcher
TOSspecific
protocoland
mechanism
Trusted App
Secure-EL0
App
EL0
TOS driver
TOS library
TOSspecificprotocolviaSM
C
viaioctl
Porting interface
between Trusted
Firmware and SoC/
platform
Interface between
Trusted Firmware and
Trusted OS Dispatcher
ARM Trusted Firmware
Trusted OS supplier
SoC supplier
OS/hypervisor supplier
Trusted App supplier
Internal TOS interface
3. 3
Reference boot flows
For 64-bit ARMv8-A systems
Open Source at GitHub
BSD License
Contributors welcome
We have just released v1.1
Adds authentication toTrusted Board Boot
Many partners porting
ARM Trusted Firmware for 64-bit ARMv8-A
A refresher
BL31
EL3 Runtime Firmware
EL2 Execution
Secure-EL1 Execution
SCP Execution
Key
EL3 Execution
BL33
Non-Trusted
Firmware
(e.g. U-Boot,
EDK2)
BL1
AP Boot ROM
BL2
Trusted Boot
Firmware
BL32
Secure-EL1 Payload
BL0
SCP Boot
ROM
BL30
SCP Runtime
Firmware
Platform Boot
Initialization
System &
Power Control
Trusted Board
Boot
Trusted Board
Boot
PSCI
World Switch
Library
SMCCC
Trusted OS Kernel
S-EL1 Payload
Dispatch
Trusted World Normal World
SCP Application Processor (AP)
2nd level Boot
Loader (BL2)
loads all 3rd
level images
1st level Boot
Loader (BL1)
loads 2nd level
image
Loading
RESET RESET
https://github.com/ARM-software/arm-trusted-firmware
4. 4
Feb 13 Conception ARM has idea of providing reference EL3 software
Jun 13 Initiation ARM project scope and proposal
Jul 13 Communication Discussions with partners at LCE13
Sep 13 Implementation Initial binaries in Linaro AArch64 release
Oct 13 Introduction Source code at GitHub and LCU13 announcement
Mar 14 Clarification Mythbusting misconceptions at LCA14
May 14 Adoption Early adopters port to silicon
Sep 14 Celebration Juno port
OP-TEE support at LCU14
Feb 15 Evolution Complete PSCI 0.2
Start PSCI 1.0 andTrusted Board Boot
Porting to 96Boards at HKG15
The story so far…
6. 6
Prototype for FVP and Juno
Image authentication from Root ofTrust
Keys in chain of trust managed using
X.509v3 certificates
Optionally included in BL1 and BL2
Uses PolarSSL (mbedTLS) for
cryptography and X.509
Still to come:
Firmware recovery, optional features
Flexibility for alternative cryptography
implementation and chains of trust
Optimisation
Trusted Board Boot
Reference implementation of the ARM TBBR specification
Secure-EL1 Execution
EL1/EL2 Execution
SCP Boot
ROM
SCP Runtime
Firmware
AP Boot
ROM
SCP Boot
ROM
EL3 Runtime
Firmware
Non-Trusted
Firmware
SCP Trusted ROM SCP Trusted RAM AP Trusted ROM AP Trusted RAM (on chip) Trusted RAM
(on or off chip)
Non-Trusted RAM
SCP Runtime
Firmware
Waiting
PWR
ON
Linux Kernel
External Hand-Off
API
Internal Hand-Off
API
Implicit API Usage
PWR
ON
Incremental copy from
AP Trusted RAM to
SCP Trusted RAM
Explicit API Usage
Key
EL3 Execution
Loading and
Authentication
SCP Execution
BL0
BL0
BL1
BL30
BL30
BL31
BL33
Secure-EL1
Payload
BL32
Running
EL3 Runtime
Firmware
BL31
Waiting
Running
Running
(optional)
Running
Waiting
Trusted Boot
Firmware
BL2
Trusted Boot
Firmware
BL2
Trusted/Non-Trusted Boundary
SCP/AP Boundary
via SMC
in BL1
No Execution
Detailed boot flow on Juno
TBBR Chain of Trust
7. 7
Power State Coordination Interface
PSCI 1.0 Released February 2015
It’s on ARM Infocenter
No click through
Culmination of lots of work involving OS vendors and silicon vendors
Aligned with DeviceTree and ACPI
Simple migration path from PSCI 0.2 – lots of new optional features
Trusted Firmware will be implementing these through 2015
Feedback is always welcome
As with all ARM specifications you can e-mail us direct on errata@arm.com
http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf
8. 8
Core changes:
Removed assumptions on power domain layout to allow better match to hardware
Improved ability for implementation to describe features to the OS
Improved diagnostics:
Can optionally provide physical power state from power controller
Can optionally provide statistics on power state usage and residency
More options for Idle management:
New OS Initiated mode allows precise control from the OS
You can trade off OS vs firmware complexity depending on your application
Improved support for suspend to RAM, and for debug
What’s new in PSCI 1.0
Better match to HW - Richer set of options
9. 9
ARM Trusted Firmware has been rapidly adopted for ARMv8-A based platforms
It will be running in many products this year
It’s about to get easier to start experimenting with secure software on ARMv8-A
We would like upstream platform support for all 96Boards devices
OP-TEE works ‘out of the box’
We are always keen to hear your feedback
Tell us what’s broken
Tell us what’s missing
Send us your improvements … new contributions are always welcome
What happens next depends on you