Setup of secure world environment using Trustzone

Other Parts Discussed in Thread: OMAP3530, 4460

Hi

I'm trying to leverage the ARM Trustzone technology present in the ARM Cortex-A8 processor to run security sensitive applications in the 'secure world', and I'm using a Beagleboard, which is based on an OMAP3530 processor.

To achieve this, I need to set up the secure world with my own environment, and therefore I need to interpose my own code before the system exits to non-secure mode. In order to intercept the execution early on at bootstrap, I've built my own firmware based on [1], but apparently, at this point, the system is already in non-secure mode. My guess then is that this transition happens even earlier and it is done by the ROM code. I've checked the OMAP35x manual, but there's not much information about this, and the only relevant reference seems to suggest that there are only three services running in monitor mode for L2 cache setup.

My question is: is there a way to interpose and run some setup code before the system exits the secure mode so that I can make use of the ARM Trustzone feature? What tools would I need to make this work? Or is this simply not possible in OMAP3530?

I really appreciate your help.

Nuno

[1] http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=Beagle_Board_Wiki#Beagle_Board_Boot_Flow

[2] http://focus.ti.com/lit/ug/spruf98g/spruf98g.pdf

  • Unfortunately all the Beagleboard devices are GP and not secure devices so you cannot utilize security features.

    BR,

    Steve

  • Thanks for your reply, Steve. Could you just clarify what 'GP' means here?

    Do you know if it's possible to override that setup for the beagle board say, by reflashing the firmware?

    If not, are you aware of any other hardware platform based on OMAP35x processors where the usage of trustzones is unblocked? For example, the Gumstix Overo Earth board? Or are these features disabled by default on the OMAP35x processors?

    Essentially, we are trying to pull off a research project. I know that Nvidia's Tegra based boards support trustzones, but the OMAP35x processors seem to better fit our purposes.

    Many thanks,

    Nuno

     

  • Nuno,

    GP means General Purpose.

    It is not changeable through software at all and is a fixed device configuration.

    I will get someone else to comment on secure enabled availability since I don't really know.

    BR,

    Steve

  • Please contact your local TI sales rep for discussing availability of security enabled devices & platform.

     

  • I am also trying to learn about TrustZone.  Upon contacting my TI support representative, I received an email directing me to the forums.  This is definitely the right thread, as I have precisely the same set of questions as the original poster. 

    From what I can tell, having a TrustZone-enabled CPU is insufficient. It is also necessary to have supporting logic / software to enable TrustZone at platform startup.

    Perhaps a new question: Can anybody suggest a platform that does not disable TrustZone?  Perhaps a particular make and model of mobile phone?

     

    Thanks,

    -Jon

     

  • They talk about a secure ROM feature for the OMAP series with high security but don't name a specific version which implements it.  They are all marked in the OMAP manuals as GP.  This is very misleading if they don't actually make an OMAP with these features let alone hard to develop with.  If anyone has any information please respond.

  • Hi.

    Do the same limitations apply to the Pandaboard's OMAP4430, or is it possible to experiment with TrustZone (for example by implementing one's own Security Monitor) on this platform?

    Thanks in advance.

  • Dear Steve,

    Does OMAP4460 support ARM Trustzone? Are there two kinds of OMAP4460 processor, one GP and another security?

  • Alex,

    OMAP4460 HS device supports ARM Trustzone.
    There are 2 kinds of OMAP4460 device types: GP devices and HS devices.

    GP is a general purpose device, which does not support security.
    HS is a High Security device which leverages ARM Trustzone and has security features.

    Regards,
    Nisha

  • Nisha,

    So if we assume that the OMAP 4460 HS is the only device that we can use if we want to implement a TrustZone supported secure state, there's still the question of being able to do that.  Obviously we can't change the secureROM inside the chip.  Therefore, the place to load our secure kernel would be through u-boot/x-loader.  However, does the secureROM on these chips allow us to modify these bootloaders, and does it keep the system in secure mode even after transferring execution to the bootloaders?  If the secureROM prohibits bootloader alteration, or switches the processor into non-secure mode prior to transferring execution, we're basically screwed.

    -Matt

  • Matthew,

    For more information/clarifications about the Trustzone secure world setup or boot flow on HS devices, you will need to have an NDA license agreement with TI. Please contact your TI representative for the license.

    If you are interested in bootloaders, the x-loader and u-boot source code is available in git.omapzoom.org.

    http://git.omapzoom.org/?p=repo/u-boot.git;a=summary

    http://git.omapzoom.org/?p=repo/x-loader.git;a=summary

    Regards,

    Nisha