Download - Lcu14 306 - OP-TEE Future Enhancements
![Page 1: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/1.jpg)
LCU14 BURLINGAME
Joakim Bech, Jens Wiklander and Pascal Brand, LCU14
LCU14-306: OP-TEE Future Enhancements
![Page 2: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/2.jpg)
● Aim and problem● Interaction between TA and Cryptographic Services● Does not define how the services are implemented / data structures
● Current Status● LibTomCrypt is the cryptographic library in OP-TEE● End user may want to switch to ...
- OpenSSL - Using ARMv8-A cryptographic extensions - Dedicated cryptographic IP
● Enhancement● Define a low level API to easily switch from one implementation to another one.
Cryptographic Layer in OP-TEE
![Page 3: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/3.jpg)
● Current Status● Internal API 1.0 is supported
● Enhancement● Add support for GP Internal API 1.1 released in June 2014● Main updates are:
- Elliptic Curve Digital Signature Algorithm (ECDSA) - Elliptic Curve Cryptography Cofactor Diffie-Hellman (ECDH) - Some errata with new error cause - Few deprecated features (object)
GlobalPlatform Internal Core API 1.1
![Page 4: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/4.jpg)
● Current Status● File storage is implemented (using a daemon running normal world)● Data isn’t encrypted by default● No persistent storage
● Enhancement● Making Secure Storage … more secure
● Enable encryption by default● Key provisioning● Streaming to be taken into account● Replay Protected Memory Block (RPMB) support
Secure Storage
Secure World
Trusted Application
Normal World
TEE supplicant
Trusted OSLinux kernel
Secure monitor
RPMB
![Page 5: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/5.jpg)
● Aim and problem● GlobalPlatform TEE Internal API defines support of the Clock● Secure clock will be needed in DRM use cases● Secure IP usage is specific to a given platform
● Current Status● Only based on REE using RPC NOT Secure!
● Enhancement● Enable clocks from both REE and Secure IP● Create a Time API to access the Secure IP● Fulfill TEE Internal API 1.1 requirements of maximum 15% deviation from real time
Secure Time
![Page 6: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/6.jpg)
● Aim and problem● Memory footprint of the Trusted OS part is critical● OP-TEE enables all GlobalPlatform features by default
● Enhancement● Make it possible to select functionality at compile time
● All cryptographic algorithms are probably not needed …
● Some functionality may not be needed (Big Number arithmetic, ...)
Reduce Memory Footprint
![Page 7: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/7.jpg)
● Aim● Enable multiple TA functions to be called at the same time
● Current Status● Threading model of the Trusted OS is ready, but not activated
● Enhancement● Will enable multiple-TA’s running in parallel
Multiple TA Support
![Page 8: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/8.jpg)
● Aim● Trusted OS may run on embedded memory which is small
● Enhancement● Paging the Trusted OS would solve memory constraint
● some parts would never be paged out (mmu management,...)
● some parts could be paged in DDR (secured or encrypted)
Paging
![Page 9: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/9.jpg)
● Aim● Make OP-TEE aware of PSCI functions.
● Current Status● OP-TEE aware of: CPU_ON, CPU_OFF,
CPU_SUSPEND and CPU_RESUME (as stubbed functions)
● ARM-Trusted-Firmware handles● Implemented: PSCI_VERSION, AFFINITY_INFO
● Not implemented: MIGRATE, MIGRATE_INFO_TYPE,
MIGRATE_INFO_UP_CPU, SYSTEM_OFF and SYSTEM_RESET
PSCI - Power State Coordination Interface
![Page 10: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/10.jpg)
● Aim and problem● Already exists in normal world (user space and kernel)● To avoid attack like return-to-libc-attack for example● Make it random enough!
● Enhancement● This feature could be part of Trusted OS● Current limitations
● We use pre-defined virtual addresses● Trusted Applications are currently statically linked
ASLR - Address Space Layout Randomization
![Page 11: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/11.jpg)
● GlobalPlatform Trusted UI 1.1● API to display content and capture input
in a secure manner.
● User-mode TEE● For early Trusted Applications development and debug● Avoid the need for having a full TrustZone platform
● Support for OP-TEE in QEMU● Virtualization team have patches enabling
TrustZone functionality
Other Potential Enhancements
![Page 12: Lcu14 306 - OP-TEE Future Enhancements](https://reader034.vdocuments.us/reader034/viewer/2022052223/557b2d9dd8b42a4e048b5473/html5/thumbnails/12.jpg)
More about Linaro Connect: connect.linaro.org Linaro members: www.linaro.org/membersMore about Linaro: www.linaro.org/about/