ARM Community: ARM trustZone - ARM Community

ARM trustZone: TrustZone queries

#1 Josua

  • Member
  • Group: Members
  • Posts: 5
  • Joined: 21-June 12

Posted 21 June 2012 - 02:47 PM

I am a student from Kuwait and very much interested in trusted computing. I have a few doubts in my basic understanding of trusted computing.

1) What was the need for TrustZone when a TPM itself could perform trusted computing? Is it just because of space constraints due to the extra chip?
2) Why cannot the secure OS in TrustZone be modified? Is it because it is a smaller trust base that one can make bug-free?
3) What is the basic difference between Intel TXT and TrustZone?

I tried searching on the internet about Intel TXT and I am totally confused. Thanks a lot in advance for your help.
0

#2 isogen74

  • Super Contributor
  • Group: Members
  • Posts: 1098
  • Joined: 20-March 07

Posted 22 June 2012 - 08:40 AM

1) A TPM has no compute capability; it is simply a secure storage device with attestation capability, but it relies on the outside (untrusted) system to do most of the calculations.

Quote

2) Why cannot the secure OS in TrustZone be modified?

I'm not sure what you are asking here. As a technology from ARM, TrustZone provides hardware building blocks to build a secure environment. Any system developer can write their own secure OS to run in this environment. In a running system then yes, you want to prevent modification (security risk), and as always smaller is better (fewer bugs -> less security risk).
When optimizing software, consider that the quickest code to run is the bit you removed from the call path.
0

#3 Josua

  • Member
  • Group: Members
  • Posts: 5
  • Joined: 21-June 12

Posted 25 June 2012 - 08:29 AM

Thanks for the reply. It was really helpful. I have one more fundamental question. Can I assume that both OSes run concurrently? Or can the processor only be in one mode at a time (either secure or non-secure)?
0

#4 ttfn

  • Super Contributor
  • Group: Members
  • Posts: 576
  • Joined: 29-September 06

Posted 25 June 2012 - 10:00 AM

At any one time the core is either in the secure world or the normal world. So the OSs do not truly run concurrently.
0

#5 isogen74

  • Super Contributor
  • Group: Members
  • Posts: 1098
  • Joined: 20-March 07

Posted 25 June 2012 - 12:04 PM

Worth noting that in an SMP system with multiple physical cores you could have one core in "secure" and a second in "non-secure", so you can get some parallel processing working. A single core is only ever in one world at a time though ...

Iso
When optimizing software, consider that the quickest code to run is the bit you removed from the call path.
0

#6 Josua

  • Member
  • Group: Members
  • Posts: 5
  • Joined: 21-June 12

Posted 27 June 2012 - 07:06 PM

So I can think of TrustZone as a separate OS, right? Whenever the normal OS wants a secure action to be taken, it reboots or calls the other secure OS and does the action securely. So TrustZone is like an extra OS in which one can perform all sensitive operations safely!
0

#7 GopuSierra

  • Member
  • Group: Members
  • Posts: 8
  • Joined: 21-March 12

Posted 28 June 2012 - 12:48 AM

Quote (Josua @ 27 June 2012 - 07:06 PM)

So I can think of TrustZone as a separate OS, right? Whenever the normal OS wants a secure action to be taken, it reboots or calls the other secure OS and does the action securely. So TrustZone is like an extra OS in which one can perform all sensitive operations safely!

Please check www.openvirtualization.org for a TrustZone implementation.
0

#8 Josua

  • Member
  • Group: Members
  • Posts: 5
  • Joined: 21-June 12

Posted 28 June 2012 - 07:46 PM

The website that GopuSierra posted says "To improve security, these ARM processors can run a secure operating system (secure OS) and a normal operating system (normal OS) at the same time from a single core". But people here in the forum say both OSes do not run concurrently. Who is right? PLEASE DO NOT CONFUSE ME MORE.
0

#9 GopuSierra

  • Member
  • Group: Members
  • Posts: 8
  • Joined: 21-March 12

Posted 29 June 2012 - 12:33 AM

Quote (Josua @ 28 June 2012 - 07:46 PM)

The website that GopuSierra posted says "To improve security, these ARM processors can run a secure operating system (secure OS) and a normal operating system (normal OS) at the same time from a single core". But people here in the forum say both OSes do not run concurrently. Who is right? PLEASE DO NOT CONFUSE ME MORE.

It will not run concurrently.
0

#10 Coco

  • Member
  • Group: Members
  • Posts: 6
  • Joined: 23-November 10

Posted 29 June 2012 - 09:48 AM

Quote (GopuSierra @ 29 June 2012 - 12:33 AM)

It will not run concurrently.

Well, it depends what you mean by "concurrently". Two processes inside an OS appear to run concurrently, but often they are time-division-multiplexed and only one is running at any one time. That is, there are context switches between the processes such that both get some processing time. Sometimes the context switches are cooperative (one process yields to another), and sometimes the context switch is in response to an interrupt.

It can be the same in TrustZone. Each world can choose to pass control to the other (the SMC instruction), or an interrupt can cause the switch. How the two OSes are actually set up using TrustZone will depend on the system design.

So, a given processor is only running one instruction at a time (not concurrent), and, at a lower time resolution, both OSes are running at the same time and may be getting a percentage of the processing time (concurrent).

I suggest reading this http://infocenter.ar...492c/index.html to understand these kinds of issues.
1
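The world-switch mechanism Coco describes, modelled as an added C example (this is illustration code, not ARM's monitor or anything from the thread; the register set, the `secure_service` function, the secret value and the IRQ-routing flag are all hypothetical). It shows a single core being in exactly one world at a time, with the monitor banking registers on each SMC (cooperative) or interrupt-driven switch, so that both OSes get processing time only in turn.

```c
/* Added model of the TrustZone world switch discussed above (not ARM's code;
 * names are hypothetical). One core is in exactly one world at a time. */
#include <stdint.h>

enum world { SECURE = 0, NORMAL = 1 };   /* value mirrors SCR.NS: 1 = non-secure */
struct regs { uint32_t r0, lr; };        /* the state the monitor must bank per world */

static struct regs cpu;                  /* the single core's live registers */
static struct regs banked[2];            /* monitor-saved context for each world */
static enum world cur = NORMAL;
static unsigned switches;                /* count of world switches, for inspection */
static int irq_to_normal = 1;            /* system-design choice: IRQs belong to the normal OS */

static void monitor_switch(enum world to) {
    banked[cur] = cpu;                   /* save the outgoing world's registers */
    cpu = banked[to];                    /* restore the incoming world's registers */
    cur = to;
    switches++;
}

/* Constructed secure service: function id 1 masks a value with a secret that
 * only ever exists in the secure world (secret is a constructed placeholder). */
static uint32_t secure_service(uint32_t fid, uint32_t arg) {
    const uint32_t secret = 0xA5A5A5A5u;
    return fid == 1 ? (arg ^ secret) : 0xFFFFFFFFu;
}

/* SMC from the normal world: trap into the monitor, run the service in the secure
 * world, hand the result back in r0. The normal world is stalled meanwhile. */
uint32_t smc(uint32_t fid, uint32_t arg) {
    monitor_switch(SECURE);
    uint32_t result = secure_service(fid, arg);
    monitor_switch(NORMAL);
    cpu.r0 = result;
    return result;
}

/* Cooperative switch: the normal OS gives the secure OS a time slice via SMC. */
void yield_to_secure(void) { monitor_switch(SECURE); }

/* An IRQ arriving while the secure world runs: if the design routes IRQs to the
 * normal world, the monitor pre-empts the secure OS (the interrupt-driven switch). */
enum world irq(void) {
    if (cur == SECURE && irq_to_normal)
        monitor_switch(NORMAL);
    return cur;
}

enum world current_world(void) { return cur; }
unsigned switch_count(void) { return switches; }
```

After `smc()` the core is back in the normal world and two switches have been counted; a `yield_to_secure()` followed by `irq()` shows the pre-emptive path back.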

#11 Josua

  • Member
  • Group: Members
  • Posts: 5
  • Joined: 21-June 12

Posted 08 July 2012 - 05:56 AM

Thanks a lot. But the more documents I read, the more unclear I am on the fundamental concept. Can anyone please explain what 'virtualisation' is, and what ARM means by saying they provide a hardware-enforced virtualisation?

So far, what I understood is there is only one processor which has two OSes (just like Linux + Windows), but one OS has privilege over secure regions and is written bug-free, so we name it TrustZone. Of course, to enable this privilege we modify the hardware of the SoC and also provide a mechanism so that this secure OS cannot be rewritten.
0

#12 isogen74

  • Super Contributor
  • Group: Members
  • Posts: 1098
  • Joined: 20-March 07

Posted 08 July 2012 - 01:23 PM

Quote

anyone can please explain what is 'virtualisation'

http://en.wikipedia..../Virtualization

Quote

what does ARM mean by saying they provide a hardware enforced virtualisation ?

The split between the resources of the two "virtual" systems is enforced by hardware, not software.
When optimizing software, consider that the quickest code to run is the bit you removed from the call path.
0
