Hi all,
I am new to ARM and TrustZone. Sorry if folowing are very naive.
Does anyone know how to write a hello world C/Java programm in TrustZone?
From the TrustZone API Spec 3.0, I know I should open some device and .... but I didn't see a full example.
I would apprecite if anyone could give me a full exaple of hello world.
As we know, TrustZone is a framework which provides us an hardware architecure, and we need to build our own software architecure according to our requirements. For example, do I need to install a new kernel in the secure world if I want to run another OS in TrustZone?
Thanks,
Fengwei
»
Quick Links
Page 1 of 1
Hello world program in TrustZone
Rate Topic:
1 Votes
#2
isogen74 
- Super Contributor
-
- Group: Members
- Posts: 1097
- Joined: 20-March 07
Posted 15 June 2011 - 11:36 AM
There are two distinct topics here - (1) TrustZone and (2) the TrustZone API.
TrustZone is a system-wide hardware architecture which provides hardware-enforced virtualization of the entire memory system, as well as any attached processors implementing the security extensions. You can implement whatever software you like on a processor using the two virtual cores, ranging from "OS + OS" to "OS + library". The following guide presents some of the options for software architectures:
http://infocenter.ar...492c/index.html
The TrustZone API is a standard software API design for accessing security services running in the secure environment, but it is only a communications channel. What data you have to pass over that channel entirely depends on what you are talking to at the other end of the pipe (you can kind of view it as "sockets for security services"). However, like the AMBA spec, ARM only provide the specification - anyone can take the API and implement it for their system. You don't have to use the TrustZone API either - if you want something lower level you can do that too ...
Iso
TrustZone is a system-wide hardware architecture which provides hardware-enforced virtualization of the entire memory system, as well as any attached processors implementing the security extensions. You can implement whatever software you like on a processor using the two virtual cores, ranging from "OS + OS" to "OS + library". The following guide presents some of the options for software architectures:
http://infocenter.ar...492c/index.html
The TrustZone API is a standard software API design for accessing security services running in the secure environment, but it is only a communications channel. What data you have to pass over that channel entirely depends on what you are talking to at the other end of the pipe (you can kind of view it as "sockets for security services"). However, like the AMBA spec, ARM only provide the specification - anyone can take the API and implement it for their system. You don't have to use the TrustZone API either - if you want something lower level you can do that too ...
Iso
This post has been edited by isogen74: 15 June 2011 - 11:37 AM
When optimizing software, consider that the quickest code to run is the bit you removed from the call path.
#3
CodeMonkey
- Member
-
- Group: Members
- Posts: 5
- Joined: 10-June 11
Posted 16 June 2011 - 02:53 AM
Hi Iso,
Thanks for your info. I looked at the TrustZone white paper you posted, it talks about some possbile software architectures. However, I didn't find any specific example of how to build a software architecture. Such as: detailed explianation of how to implement "OS+OS" or "OS+library" that I can follow.
I am still a little bit confused about TrustZone API. Suppose I have build a software architecture of "OS + OS", and I would like to implement an application of "HelloWorld" or "OnlinePayment" in secure world. Can I program in secure world(e.g. write a HelloWorld C program)? if not, how can I put the custom applilcation into secure wolrd?
Suppose I want to invoke this "secure" "HelloWorld" program from the normal world. Am I suppose to use TrustZone API to invoke it?
Many thanks,
Fengwei
Thanks for your info. I looked at the TrustZone white paper you posted, it talks about some possbile software architectures. However, I didn't find any specific example of how to build a software architecture. Such as: detailed explianation of how to implement "OS+OS" or "OS+library" that I can follow.
I am still a little bit confused about TrustZone API. Suppose I have build a software architecture of "OS + OS", and I would like to implement an application of "HelloWorld" or "OnlinePayment" in secure world. Can I program in secure world(e.g. write a HelloWorld C program)? if not, how can I put the custom applilcation into secure wolrd?
Suppose I want to invoke this "secure" "HelloWorld" program from the normal world. Am I suppose to use TrustZone API to invoke it?
Many thanks,
Fengwei
#4
isogen74
- Super Contributor
-
- Group: Members
- Posts: 1097
- Joined: 20-March 07
Posted 17 June 2011 - 11:39 AM
> Suppose I have build a software architecture of "OS + OS" ... Can I program in secure world?
That is going to depend on the implementation of your secure world operating system. TrustZone is a hardware platform; the OS provides the programming environment.
> If not, how can I put the custom application into secure world?
As above; it is going to depend on your secure world operating system.
> Suppose I want to invoke this "secure" "HelloWorld" program from the normal world. Am I suppose to use TrustZone API to invoke it?
The TrustZone API is one possible interface to the communications layer which links the two, but not the only one that is possible. The provider of the secure world environment will have to expose some form of messaging layer between the two environments, that may or may not use the TrustZone API. So it depends on the implementation of the secure world OS and the communications driver for it implemented in the normal world ...
That is going to depend on the implementation of your secure world operating system. TrustZone is a hardware platform; the OS provides the programming environment.
> If not, how can I put the custom application into secure world?
As above; it is going to depend on your secure world operating system.
> Suppose I want to invoke this "secure" "HelloWorld" program from the normal world. Am I suppose to use TrustZone API to invoke it?
The TrustZone API is one possible interface to the communications layer which links the two, but not the only one that is possible. The provider of the secure world environment will have to expose some form of messaging layer between the two environments, that may or may not use the TrustZone API. So it depends on the implementation of the secure world OS and the communications driver for it implemented in the normal world ...
When optimizing software, consider that the quickest code to run is the bit you removed from the call path.
#5
Pascalc
- Member
-
- Group: Members
- Posts: 1
- Joined: 15-June 11
Posted 23 June 2011 - 02:40 PM
Hi CodeMonkey,
I'm also interested in creating such an app. But apparently there are no examples over the Internet and Vendors will never provide your such examples.
The TrustZone (or also known as 'Security Extensions') is a very confidential subject, even if it exists since 2005. You'll need to investigate by your own about how the TZ technology is used.
Almost all actual ARM based chip devices implement the TZ system on their chip, but some Vendors are using it and some does not. It clearly depends which cellphone you're using, which kernel is on it, and how ROMs are loaded when booting the phone. In most of the cases you'll not find anything regarding how to interact with TZ.
You can find a bunch of good information over the Internet with the good keywords, but you'll never get any existing application demo.
What I understood about the TZ technology is that it is provided by ARM, then implemented by "Trusted Logic" or "M-Shield" or "Mobicore", and then used OR NOT (and most of the time it is not) by Vendors such as Samsung, Motorola, etc. So if it is not used by Vendors, potentially you'll never be able to communicate with the Secure World of the TZ.
Prove me I'm wrong and I'll be glad to get any positive info for developing my own TZ based apps
Regards.
I'm also interested in creating such an app. But apparently there are no examples over the Internet and Vendors will never provide your such examples.
The TrustZone (or also known as 'Security Extensions') is a very confidential subject, even if it exists since 2005. You'll need to investigate by your own about how the TZ technology is used.
Almost all actual ARM based chip devices implement the TZ system on their chip, but some Vendors are using it and some does not. It clearly depends which cellphone you're using, which kernel is on it, and how ROMs are loaded when booting the phone. In most of the cases you'll not find anything regarding how to interact with TZ.
You can find a bunch of good information over the Internet with the good keywords, but you'll never get any existing application demo.
What I understood about the TZ technology is that it is provided by ARM, then implemented by "Trusted Logic" or "M-Shield" or "Mobicore", and then used OR NOT (and most of the time it is not) by Vendors such as Samsung, Motorola, etc. So if it is not used by Vendors, potentially you'll never be able to communicate with the Secure World of the TZ.
Prove me I'm wrong and I'll be glad to get any positive info for developing my own TZ based apps
Regards.
#6
isogen74
- Super Contributor
-
- Group: Members
- Posts: 1097
- Joined: 20-March 07
Posted 23 June 2011 - 03:07 PM
> The TrustZone (or also known as 'Security Extensions') is a very confidential subject, even if it exists since 2005
From the ARM side of things all of the specifications are publically available - the behavior is specified by the ARM ARM for the core and AMBA specification for the memory infrastructure [see http://infocenter.arm.com]. So the TrustZone archtiecture itself is about as far from "confidential" as you can get ...
Obviously what a particualr silicon vendor actually does with the TrustZone architecture does vary, both in terms of what security they wire up (if any) and what access is provided. As always when there are so many different possible silicon providers YMMV from device to device - it's worth asking the chip provider what access they give.
From the ARM side of things all of the specifications are publically available - the behavior is specified by the ARM ARM for the core and AMBA specification for the memory infrastructure [see http://infocenter.arm.com]. So the TrustZone archtiecture itself is about as far from "confidential" as you can get ...
Obviously what a particualr silicon vendor actually does with the TrustZone architecture does vary, both in terms of what security they wire up (if any) and what access is provided. As always when there are so many different possible silicon providers YMMV from device to device - it's worth asking the chip provider what access they give.
This post has been edited by isogen74: 23 June 2011 - 03:08 PM
When optimizing software, consider that the quickest code to run is the bit you removed from the call path.
#7
asnl1987
- Member
-
- Group: Members
- Posts: 1
- Joined: 05-July 11
Posted 08 July 2011 - 07:34 AM
Hi all,
I am also new to TrustZone. When I read effect of security extensions on the CP15 registers in ARM spec (B3.12.3). I have some confusions about banked CP15 registers.
In spec, the definition of banked cp15 registers as follow:
>>When the Security Extensions are implemented, some CP15 registers are banked. Banked CP15 registers have two copies, one Secure and one Non-secure. The SCR.NS bit selects the Secure or Non-secure register...
As my understanding, "Banked CP15 registers have two copies" means there are two difference physical registers one for secure and one for non-secure.
is my understand right?
Or "Banked CP15 registers have two copies" means there is only on physical register and when change from secure state to non-sercure state or from non-secure state to secure state, processor will store this register in some where and when return the previous state processor will restore value of this register like enter and exit function.
Thanks and Best Regards.
I am also new to TrustZone. When I read effect of security extensions on the CP15 registers in ARM spec (B3.12.3). I have some confusions about banked CP15 registers.
In spec, the definition of banked cp15 registers as follow:
>>When the Security Extensions are implemented, some CP15 registers are banked. Banked CP15 registers have two copies, one Secure and one Non-secure. The SCR.NS bit selects the Secure or Non-secure register...
As my understanding, "Banked CP15 registers have two copies" means there are two difference physical registers one for secure and one for non-secure.
is my understand right?
Or "Banked CP15 registers have two copies" means there is only on physical register and when change from secure state to non-sercure state or from non-secure state to secure state, processor will store this register in some where and when return the previous state processor will restore value of this register like enter and exit function.
Thanks and Best Regards.
#8
isogen74
- Super Contributor
-
- Group: Members
- Posts: 1097
- Joined: 20-March 07
Posted 08 July 2011 - 08:49 AM
For the CP15 registers which are banked the processor hardware will manage the switch between the two register values so that the correct value is always presented to the software. i.e. there is no need for the monitor software to bank these CP15 settings by hand.
No idea how the hardware implements these; but many CP15 "registers" are not "registers" in the typical sense anyway. As a software guy it's all magic I don't have to worry about =)
No idea how the hardware implements these; but many CP15 "registers" are not "registers" in the typical sense anyway. As a software guy it's all magic I don't have to worry about =)
When optimizing software, consider that the quickest code to run is the bit you removed from the call path.
#9
CodeMonkey
- Member
-
- Group: Members
- Posts: 5
- Joined: 10-June 11
Posted 19 July 2011 - 09:26 AM
Thank you all for the kind reply. 
Does anyone could list some real product impelmented by TrustZone? TrustZone has been out many years, not sure why it is so few seen in current market.
Thanks!
Does anyone could list some real product impelmented by TrustZone? TrustZone has been out many years, not sure why it is so few seen in current market.
Thanks!
This post has been edited by CodeMonkey: 15 August 2011 - 07:39 AM
#11
Alban Rampon
- Regular Contributor
-
- Group: Blog Owners
- Posts: 169
- Joined: 11-May 09
Posted 05 December 2012 - 09:49 AM
Hi Schlauby,
Have you had a look at http://arm.com/trustzone ?
There is a white paper available called Building a Secure System using TrustZone® Technology.
In the document, you will also find links to additional publications.
Thanks,
Alban
Have you had a look at http://arm.com/trustzone ?
There is a white paper available called Building a Secure System using TrustZone® Technology.
In the document, you will also find links to additional publications.
Thanks,
Alban
Alban Rampon
Partnership Marketing Specialist, ARM.
ARM Connected Community | Contact the team | Raise a new technical support case
Partnership Marketing Specialist, ARM.
ARM Connected Community | Contact the team | Raise a new technical support case
#12
schlauby
- Member
-
- Group: Members
- Posts: 5
- Joined: 04-December 12
Posted 06 December 2012 - 10:45 AM
I read the "Building a Secure System using TrustZone® Technology" and know how to use it on hardware site and how the hardware/software architecture is.
BUT I don't know how to switch the processor from normal world to secure world in my C-code. I found the TZAPI as well with a lot of functions but how do I implement them? There have to be a header for the TZAPI somewhere! So how to do this.
Therefore a small Hello World program would be good to see how TZ is implemented.
BUT I don't know how to switch the processor from normal world to secure world in my C-code. I found the TZAPI as well with a lot of functions but how do I implement them? There have to be a header for the TZAPI somewhere! So how to do this.
Therefore a small Hello World program would be good to see how TZ is implemented.
#13
ttfn
- Super Contributor
-
- Group: Members
- Posts: 576
- Joined: 29-September 06
Posted 06 December 2012 - 12:22 PM
Have you come across this example?
http://infocenter.ar...qs/ka15417.html
It's not based on the TZAPI, but it does show switching between the two security states.
http://infocenter.ar...qs/ka15417.html
It's not based on the TZAPI, but it does show switching between the two security states.
#14
schlauby
- Member
-
- Group: Members
- Posts: 5
- Joined: 04-December 12
Posted 06 December 2012 - 04:07 PM
I haven't seen this example before but it is also not working.
My Software Development Kit doesn't know what to do with the line __smc(0) void yeild(void); because __smc(0) is not declared.
So it is again the problem about a missing Header and Source file, isn't it?
My Software Development Kit doesn't know what to do with the line __smc(0) void yeild(void); because __smc(0) is not declared.
So it is again the problem about a missing Header and Source file, isn't it?
Share this topic:
Page 1 of 1
