Tweet
Tweet

Slide 1

Slide 1 text

The things behind OP-TEE 2018/09/29 la la land

Slide 2

Slide 2 text

id (uid=1000(la la land) gid=1000(la la land) groups=1000(la la land)) #北部回收業者 #肥宅 #無業游民 #來吃大食團 #交朋友 #kernel愛好者

Slide 3

Slide 3 text

今天要講一個很OP的東西...

Slide 4

Slide 4 text

OP 鄉民用語?

Slide 5

Slide 5 text

OP-TEE ?? Open Portable Trusted Execution Environment

Slide 6

Slide 6 text

執行於armv7/v8-A TrustZone環境的作業 系統核心

Slide 7

Slide 7 text

生活中的TrustZone???

Slide 8

Slide 8 text

No content

Slide 9

Slide 9 text

No content

Slide 10

Slide 10 text

TrustZone的上層應用 ● DRM (WideVine, PlayReady, DTCP-IP) ● Secure key storage (dm-verify) ● Mobile payments ● Protected hardware (framebuffer, PIN entry) ● Management of secure boot (via QFuses) ● Kernel integrity monitoring (TIMA)

Slide 11

Slide 11 text

先來講一些armv8-A和trustzone的故事...

Slide 12

Slide 12 text

ARM architecture

Slide 13

Slide 13 text

玩家該注意的東西 - SoC ● 常見OTT的SoC

Slide 14

Slide 14 text

armv8-A and TrustZone ● Arm TrustZone 提供物理層級的隔離環境(non security/security world) ○ 控制訪問各個IP的能力及限制DDR的存取權限 ○ CPU內部暫存器也提供了權限的限制 ● TrustZone/security world 有一套banked register + MMU ● 定義 non security/security 中斷 (IRQ/FIQ) ○ security 中斷只能被security 看到並處理 ● 開機從security world開始 ○ 建立trust chain ● SCR (Secure Configuration Register) ○ scr = 1 (non security), scr = 0 (security) ● 一道新指令 : SMC (Secure Monitor Call) ○ 觸發exception,讓CPU 能夠進入monitor ● 定義了4個特權級 (EL0-3)

Slide 15

Slide 15 text

armv8-A 提供了物理層級的隔離環境: Trusted Execution Environment(TEE,trusted) Rich Execution Environment(REE,not trtusted)

Slide 16

Slide 16 text

armv8-A (EL, Exception Level)

Slide 17

Slide 17 text

Monitor mode ● 總是執行於security world 的狀態,但是可以藉由SCR.NS去讀不同暫存器 ○ case 1 : SCR.NS = 1,MMU還是會使用security 的ttbr0/ttbr1,但是你去讀取的會讀到 non security的ttbr0/ttbr1 ○ case 2 : SCR.NS = 0,MMU還是會使用security 的ttbr0/ttbr1,你去讀取的會讀到non security的 ttbr0/ttbr1 ● Monitor mode擁有最高執行權限,所以被設計來作為非安全/安全的一個閘道 ○ 非安全狀態跟安全狀態的切換 (context switch) ○ 讀取一些跟arm相關的狀態(PSCI,Power State Coordination Interface) ○ arm自己有定義一套軟體 (ATF,arm trusted firmware)作為標準執行於monitor mode

Slide 18

Slide 18 text

arm 提供了安全防護標配 ● ARM Trusted Firmware(ATF) ● security boot flow

Slide 19

Slide 19 text

ARM Trusted Firmware ● 提供標準的 EL3 firmware ○ 目標所以有arm 64都支援 ● 給各間IC設計公司參考 ○ Power State Coordination Interface (PSCI) ○ SMC Calling Convention ○ Configuration of ARM hardware

Slide 20

Slide 20 text

● 標準的boot 流程,可是實際產品 都會跟這有差別

Slide 21

Slide 21 text

● 現代SoC內基本都不 只一顆CPU...

Slide 22

Slide 22 text

armv8文件 1. ARM® Architecture Reference Manual ARMv8, for ARMv8-A architecture profile 2. ARM® Cortex® -A53 MPCore Processor Revision: Technical Reference Manual 3. ARM® Cortex® -A Series Version: 1.0 Programmer’s Guide for ARMv8-A 4. ARM Security Technology Building a Secure System using TrustZone® Technology 5. ARM® Generic Interrupt Controller Architecture version 2.0 Architecture Specification 6. CoreLink™ GIC-400 Generic Interrupt Controller Revision: r0p0 Technical Reference Manual

Slide 23

Slide 23 text

開始介紹今天主角OP-TEE

Slide 24

Slide 24 text

OP-TEE ● open source的TEE - (BSD 2-Clause) ● 最新版本v3.2,可是今天主要講的是v2.4 ● 實作GlobalPlatform API ○ 1999創立定義smart card標準的一個組織 ○ 定義一些行動裝置安全的標準 ○ 定義TEE並訂出API ■ TEE Client API Specification v1.0 July 2010 ■ TEE Internal API Specification v1.0 Dec 2011 ● Internal Core API v1.1 June 2014 ● 最早2007由ST開發,現在是linaro 接管,使用github平台來管理所有程式碼

Slide 25

Slide 25 text

OP-TEE ● 目前mainline kernel已經有 OP-TEE的driver(4.12時整合完成) ● Android(AOSP)也已經跟OP-TEE 整合完成 ● 支援的平台很多 ● 算是比較堪用的TEE kernel

Slide 26

Slide 26 text

Hello World ● 一個hello world包含兩部份 CA/TA ○ Client Application (CA) - GlobalPlatform TEE Client API ○ Trusted Application (TA) - GlobalPlatform TEE Internal Core API ● CA就是一般linux app ● TA就是一個static link的pie ELF執行檔(包含header)

Slide 27

Slide 27 text

Hello World 結構 ta結構 : header + ELF 檔案

Slide 28

Slide 28 text

Key Concepts Context: Connection from CA to the Trusted OS. Session: Connection from CA to TA. Command: Unit of Communication from CA to TA. Shared Memory: Shared buffers allocated by Client API or by CA and registered.

Slide 29

Slide 29 text

initiation & open session res = TEEC_InitializeContext(NULL, &ctx); if (res != TEEC_SUCCESS) errx(1, "TEEC_InitializeContext failed with code 0x%x", res); res = TEEC_OpenSession(&ctx, &sess, &uuid,TEEC_LOGIN_PUBLIC, NULL, NULL, &err_origin); if (res != TEEC_SUCCESS) errx(1, "TEEC_Opensession failed with code 0x%x origin 0x%x", res, err_origin);

Slide 30

Slide 30 text

ta 載入流程

Slide 31

Slide 31 text

invoke op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INOUT, TEEC_NONE,TEEC_NONE, TEEC_NONE); op.params[0].value.a = 42; printf("Invoking TA to increment %d\n", op.params[0].value.a); res = TEEC_InvokeCommand(&sess,TA_HELLO_WORLD_CMD_INC_VALUE, &op,&err_origin); if (res != TEEC_SUCCESS) errx(1, "TEEC_InvokeCommand failed with code 0x%x origin 0x%x",res, err_origin);

Slide 32

Slide 32 text

close session and finalize TEEC_CloseSession(&sess); TEEC_FinalizeContext(&ctx);

Slide 33

Slide 33 text

滿滿的TAT https://github.com/OP-TEE/optee_test/tree/master/ta

Slide 34

Slide 34 text

如果..今天想要自幹一個security OS...

Slide 35

Slide 35 text

No content

Slide 36

Slide 36 text

OP-TEE internal ● Secure Monitor Calls - SMC ● Thread handling ● Virtual memory, MMU ● Scheduler ● File system(Secure Storage) ● Trusted Applications ● Interrupt

Slide 37

Slide 37 text

Secure Monitor Calls - SMC

Slide 38

Slide 38 text

SMC整個處理流程 1. 觸發SMC指令並傳遞參數 2. 保存normal world的暫存器(gp_registers及sys_registers, BL31) 3. 進入OPTEE的handler (OP-TEE會註冊一個callback在BL31) 4. 恢復secure EL1的暫存器(gp_registers及sys_registers, BL31) 5. eret

Slide 39

Slide 39 text

No content

Slide 40

Slide 40 text

Virtual memory , MMU ● OP-TEE有使用virtual memory的概念,也有pager的概念,可是這裡探討的是沒開 pager的 virtual memory ● OP-TEE core - ttbr1 (section mapping,1MB page) ● Threads - ttbr0 (page mapping,4K page,2level)

Slide 41

Slide 41 text

memory map ● register_phys_mem (core/arch/arm/mm/core_mmu.c) 用於註冊memory ● init_mem_map : 開機時會填 page table

Slide 42

Slide 42 text

What’s Virtual memory ● Virtual address(VA) -> MMU -> physical address(PA) ● thread的VA可以相同只要page table有管理好即可 ○ thread使用4k page (2level) ● OP-TEE core也有VA->PA可是使用flat mapping所以VA跟PA相同可是還是要 經過MMU ○ OP-TEE core 使用1MB page

Slide 43

Slide 43 text

page table thread OP-TEE core thread

Slide 44

Slide 44 text

Scheduler OP-TEE does not have its own scheduler, instead it is being scheduled by Linux kernel.

Slide 45

Slide 45 text

File system(Secure Storage)

Slide 46

Slide 46 text

Trusted Applications ● Pseudo Trusted Applications (pta) ○ 類似系統特殊服務角色,不需透過GP API 跟OPTEE編譯在一起 ○ https://github.com/OP-TEE/optee_os/tree/master/core/arch/arm/pta ■ (內建的範例) ● User Mode Trusted Applications (dynamic ta) ○ 一般TA,根據應用自己撰寫

Slide 47

Slide 47 text

Interrupt OP-TEE定義兩種interrupt ● arm gic 可以配置security interrupt/non security interrupt ○ 一般我們3C裝置使用的是gicv2, gicv3的設計很不同 ● Native interrupt ○ 在optee本地處理的(security interrupt) ● Foreign interrupt ○ 不被optee處理的中斷(non security interrupt)

Slide 48

Slide 48 text

Interrupt ● case 1 : normal interrupt發生在linux ○ linux kernel ISR處理掉 ● case 2: normal interrupt 發生再OP-TEE ○ optee -> bl31->linux處理 ->bl31->optee ● case 3: security interrutp發生在linux ○ bl31->optee->bl31->linux ● case 4:security interrutp發生在OP-TEE ○ OP-TEE ISR處理掉 normal (case 2) secruity (case 4) secruity (case 3) normal (case 1)

Slide 49

Slide 49 text

case 2 : Foreign interrupt

Slide 50

Slide 50 text

如何把玩OP-TEE ● 支持的平台非常多,如果想一次到位, 推荐HiKey960, 低價方案推荐Allwinner A64 Pine64 Board/Raspberry Pi 3 ● 單純想玩玩可以使用 QEMU,建議研究QEMUv8版本 ○ repo init -u https://github.com/OP-TEE/manifest.git -m qemu_v8.xml ○ repo sync ○ cd build ○ make -f qemu_v8.mk run -j4

Slide 51

Slide 51 text

No content

Slide 52

Slide 52 text

Any questions?