Page MenuHomePhabricator
IndexNew Document
Phriction Trusted Firmware Trusted Services OP-TEE SPMC status History Version 17 vs 65

Version 17 vs 65

Edits

Edit Older Version 17...Edit Current Version 65...

Content Changes

= OP-TEE SPMC implementation ========================== == Introduction ------------ ###==== OP-TEE SPMC implementation This document describes the OP-TEE SPMC (Secure Partition Manager Core) implementation. This implementation is used to support the Trusted Services PSA SPsSecure Partitions (SPs). The PSA SPs aree implemented based on the Arm FF-A specifications. The OP-TEE SPMC can be be used as a reference S-EL1 implementation and the Trusted Services can be used a reference S-EL0 SP implementations. ###==== FF-A Arm Firmware Framework for Arm A-profile (FF-A) is a framework designed to standardize the communication between the various software images. Includinge the communication between the various software images in the. Including the communication between the various software images in the Secure world and Normal world. The current release of the OP-TEE SPMC is is based around the [FF-A v1.0 spec](https://developer.arm.com/documentation/den0077/latest.)). ###==== OP-TEE OP-TEE is an open source Trusted Execution Environment (TEE) implementing relying on the Arm TrustZone technology. More information can be found at [readthedocs](https://optee.readthedocs.io/en/latest/). OP-TEE can run both as a S-EL1 SP or as the S-EL1 SPMC. This document describes OP-TEE as a S-ElS-EL1 SPMC. The current mainline The current mainline OP-TEE version can be found [here](https://github.com/OP-TEE/optee_os). ###==== Trusted Services The Trusted Services project provides a framework for developing and and deploying device Root Ofof Trust (RoT) services across a range of secure processing environments such as those provided by OP-TEE and Hafnium. More information about Trusted Services can be found at [Trusted-Services](https://trusted-services.readthedocs.io/en/latest/). == Current Status -------------- Currently the mainline OP-TEE SPMC is not yet fully compliant with theLimited support for OP-TEE SPMC aligning with FF-A 1.0 is available since OP-TEE v3.19. Complete support for FF-A 1.0 and TS is planned for upcoming releases. See below for status. FF-A V1.0 spec. It also doesn't support all of the Trusted Services SPs. ### SPMC statusFor the OP-TEE release specific testing and results please see the following page: OP-TEE mainline SPMC FF-A status: | Description | Status| | --- | ----------- |- [[ https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc/release-testing-3-19/ | OP-TEE 3.19 release ]] |SP loading | Supported |- [[ https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc/release-testing-3-20/ | OP-TEE 3.20 release ]] |SP messaging | Supported |- [[ https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc/release-testing-3-21/ | OP-TEE 3.21 release ]] |Manifest file | Not Supported |- [[ https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc/release-testing-3-22/ | OP-TEE 3.22 release ]] |Memory management | Supported |- [[ https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc/release-testing-3-22/ | OP-TEE 3.22 release ]] |Interrupts | Not supported | OP-TEE mainline SPMC FF-A messages status:- [[ https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc/release-testing-4-0/ | OP-TEE 4.0.0 release ]] ------------------------------ ------------------------- |------------------------------|-----------| | FFA_ERROR | Supported| | FFA_SUCCESS | Supported| | FFA_INTERRUPT | Not supported| | FFA_VERSION | Supported| | FFA_FEATURES | Supported| | FFA_RX_RELEASE | Supported| | FFA_RXTX_MAP | Supported| | FFA_RXTX_UNMAP | Supported| | FFA_PARTITION_INFO_GET | Supported| | FFA_ID_GET | Supported| | FFA_MSG_WAIT | Supported| | FFA_YIELD | Not supported| | FFA_RUN | Not supported| | FFA_NORMAL_WORLD_RESUME | Not supported| | FFA_MSG_SEND | Not supported| | FFA_MSG_SEND_DIRECT_REQ | Supported| | FFA_MSG_SEND_DIRECT_RESP | Supported| | FFA_MSG_POLL | Not supported| | FFA_MEM_DONATE | Not supported| | FFA_MEM_LEND | Not supported| | FFA_MEM_SHARE | Partially supported[^1]| | FFA_MEM_RETRIEVE_REQ | Supported| | FFA_MEM_RETRIEVE_RESP | Supported| | FFA_MEM_RELINQUISH | Supported| | FFA_MEM_RECLAIM | Supported| [^1]: Device memory is not yet supported. ### Trusted Service status Currently not all Trusted Service functionality is supported when using the OP-TEE SPMC. We are planning to support all functionality over time.== Important Changes of v4.0.0 release == Currently the OP-TEE SPMC supports the following PSA Trusted Services- Added support for the `boot-order` property of the SP manifest. Earlier the boot order was determined by the linking order when using embedded packaging or by the order of SP entries in the FIP package when using FIP packaging. In case the `boot-order` property is not set for an SP, loading will fall back to the old method. - The SPMC has been updated to allow the XEN Hypervisor being executed in the NWd. All Trusted Services tests from DOM0 and DOMU virtual machines are passing. - Bug fixes: SPs: --------------------------- -------------------------------------------------------------------- |----------------------------|--------| |internal-trusted-storage: |Supported| |protected-storage: |Supported| The SPMC was accepting direct messages targeting yet to be initialized SPs, and could jumping to an invalid address as a result. |crypto: |Supported with mock backend - The SPMC was clearing MBZ registers when making FFA_ERROR calls. A hardware trngs is not yet supported|This could result in incorrect operation. |attest - In some scenarios the destination: |Not yet supported| of FFA_ERROR calls were set incorrectly. |smm-gateway: |Not yet supported| - Code handling the FFA_MEM_RECLAIM calls incorrectly assumed the NWd endpoint being 0. This resulted in a crash when a hypervisor is present in the NWd. ==== SPMC status Build -----For a list of supported FF-A features please see: https://optee.readthedocs.io/en/latest/architecture/spmc.html ==== Trusted Services status The build process is based around the [OP-TEE build process](https://optee.readthedocs.io/en/latest/building/gits/build.html) with some extra steps.All Trusted Services Secure Partitions are supported with OP-TEE SPMC v4.0.0 ### Requirements:Trusted Services SP support status: - The Trusted Services project has some extra| Name | Status | [requirements](https://trusted-services.readthedocs.io/en/latest/developer/software-requirements.html)|--------------------------|-----------| from OP-TEE. It mainly depends on cmake.| internal-trusted-storage | Supported | - The current system uses the Arm FVP to run the test environment. The| protected-storage | Supported | latest version can be found at [developer.arm.com](https://developer.arm.com/-/media/Files/downloads/ecosystem-models/FVP_Base_RevC-2xAEMvA_11.16_16.tgz) The default path for FVP in the build scripts is set to /opt/fvp/latest ### Build steps Get the manifest file: rm -rf optee| crypto | Supported | | attestation mkdir optee | Supported | cd optee| firmware-update | Supported | repo init -u https://review.trustedfirmware.org/OP-TEE/manifest -m psa-sp-fvp.xml -b topics/spmc_mainline| block-storage | Supported | repo sync -j4 --no-clone-bundle| smm-gateway | Supported | Build the OP-TEE image:== Build The OP-TEE build will default be configure to use mainline OP-TEE SPMC. To be able to build OP-TEE mainline version, it might be needed to change the SPMC_VERSION to SPMC_VERSION=github in build/fvp_ffa.mk.build process follows the [OP-TEE build process](https://optee.readthedocs.io/en/latest/building/gits/build.html#get-and-build-the-solution). Additional information is needed for some steps: Build OP-TEE:- [Step 1](https://optee.readthedocs.io/en/latest/building/gits/build.html#step-1-prerequisites): The Trusted Services project has some extra requirements described on [this page](https://trusted-services.readthedocs.io/en/latest/developer/software-requirements.html), please install these. cd build make toolchains make cd ..- [Step 2](https://optee.readthedocs.io/en/latest/building/gits/build.html#step-2-install-android-repo): - Build TS apps: make -C trusted-services/tools/b-test r-component-test-arm-linux \ r-psa-api-test-crypto-arm-linux \ r-psa-api-test-internal_trusted_storage-arm-linux \ r-psa-api-test-protected_storage-arm-linux \- [Step 3](https://optee.readthedocs.io/en/latest/building/gits/build.html#step-3-get-the-source-code): Use the manifest file for Trusted Services integration and use the 4.0.0 tagged version. r-ts-demo-arm-linux \ r-ts-service-test-arm-linux`repo init -u https://github.com/OP-TEE/manifest.git -m fvp-ts.xml -b 4.0.0` Copy the TS apps to the shared directory:- [Step 4](https://optee.readthedocs.io/en/latest/building/gits/build.html#step-4-get-the-toolchains): - cp -r trusted-services/tools/b-- [Step 5](https://optee.readthedocs.io/en/latest/install/arm-linux sharedbuilding/gits/build.html#step-5-build-the-solution): - More info about building TS-apps can be found at the [Trusted Services build instructions](https://trusted-services.readthedocs.io/en/latest/developer/build-instructions.html)- [Step 6 and onwards](https://optee.readthedocs.io/en/latest/building/gits/build.html#step-6-flash-the-device): Since we're running on models instead of real hardware, these steps are not necessary. Run fvp:== Boot make -C build run-only 2 console windows should appear, 1 for the Secure World and 1 for the Normal World. Login as rootThe current system uses the Arm AEMv-A Base Platform FVP to run the test environment. The latest version can be found at [Arm Architecture Models](https://developer.arm.com/downloads/-/arm-ecosystem-models). The downloaded FVP should be extracted at the project root (`<project root>/Base_RevC_AEMvA_pkg`). Set up the [fvp environment](https://trusted-services.readthedocs.io/en/latest/environments/deployment-guides/fvp-deployment-guide.html?highlight=ts-service-test#deploying-service-level-tests)Boot the system on the FVP: cd /mnt/ sh load_module.sh cp arm-linux/lib/libts.so.1 /usr/lib/ Run the PSA ServiceTests:make -C build run-only cd /mnt/arm-linux/binTwo console windows should appear, one for the Secure World and one for the Normal World. When the boot is complete, login as root. Then run these commands to load the necessary kernel modules and install the TS test applications and libraries: # Prepare tests cd /mnt/mnt/host/out/linux-arm-ffa-tee/load_module.sh ./mnt/host/out/linux-arm-ffa-user/load_module.sh cp arm-linux/lib/libts.so* /lib # Run the TS demo ./arm-linux/bin/ts-demo lang=shell, name="test output", lines=8 ``` Demonstrates use of trusted services from an application --------------------------------------------------------- A client requests a set of crypto operations performed by the Crypto service. Key storage for persistent keys is provided by the Secure Storage service via the ITS client. Generating random bytes length: 1 Operation successful Random bytes: 2B Generating random bytes length: 7 Operation successful Random bytes: 68 CF 0C 5D 87 C7 11 Generating random bytes length: 128 Operation successful Random bytes: BF C6 85 27 81 02 5F 83 60 97 E9 2C A6 30 8E F7 C6 81 44 CB 26 32 8D F5 62 BA 0F DE B8 2C 69 E2 DD C0 FF A0 04 E2 D0 C0 DC EA 11 CE DD 7E 33 87 62 07 89 02 00 68 FC 24 AD D2 E4 86 40 3F 6E 65 83 46 33 9A F8 84 14 3B 72 11 8D 63 59 6F 69 96 70 D2 83 8D 60 6D 9F A2 B3 54 F6 3E 5E B3 FE 07 C9 51 F1 6A F5 B0 0E AA 08 B3 AE F5 06 73 6C 8B 95 73 B2 FF 72 C6 CF 84 12 7A 7A 1F 07 F2 58 71 Generating ECC signing key Operation successful Signing message: "The quick brown fox" using key: 256 Operation successful Signature bytes: F9 F7 0E D0 4A B2 77 DF 67 40 F5 36 4D 92 38 A3 13 5B 04 A0 6C BD 84 40 03 E2 43 EE BF 6F C6 C4 5B 5D A4 21 D9 EB 17 86 B9 71 0D C9 84 0C FE 55 71 8E 5C F7 D4 7D EB 04 9B 5A 11 D7 46 96 BD A6 Verify signature using original message: "The quick brown fox" Operation successful Verify signature using modified message: "!he quick brown fox" Successfully detected modified message Signing message: "jumps over the lazy dog" using key: 256 Operation successful Signature bytes: 45 40 14 E3 39 0C 3B 8A 5F 05 C8 0C E0 B6 A6 D2 8B 5E E3 76 49 DD F1 9E 50 A0 77 6F 1B FA FF C8 38 66 6A 2D 40 B1 79 9C 43 BE 59 F4 48 45 A2 0E D0 17 3F 1F D3 D7 C0 84 65 AC 9B 8A FB 6E B6 B6 Verify signature using original message: "jumps over the lazy dog" Operation successful Verify signature using modified message: "!umps over the lazy dog" Successfully detected modified message Generating RSA encryption key Operation successful Encrypting message: "Top secret" using RSA key: 257 Operation successful Encrypted message: 42 B6 53 D8 A3 03 BB 64 66 C0 31 A5 42 2C F8 F3 B8 E3 9C 58 42 7C 2C E0 19 43 F6 02 EB 60 6A DC Decrypting message using RSA key: 257 Operation successful Decrypted message: "Top secret" Exporting public key: 256 Operation successful Public key bytes: 04 D0 9A AF 76 18 9B 3B 08 38 65 BA 5F 81 B0 85 6A 39 42 19 5F 0D 17 86 CD 7E 2A E6 A4 CC A2 E4 B3 78 89 76 F6 CA 02 12 CB 07 2B AB CF 03 59 B3 34 8D 5D 0F 31 53 E0 68 9D 25 E2 AF 2E 0C 2C BE 51 Destroying signing key: 256 Operation successful Destroying encryption key: 257 Operation successful ```cp -at /usr /mnt/host/out/ts-install/arm-linux/bin /mnt/host/out/ts-install/arm-linux/lib /arm-linux/bin/ts-service-To run the SPMC tests built into xtest -v -xg Attestation(OP-TEE test suite): ./ts-service-test -v -sg ItsServiceTests ./ts-service-test -v -sg PsServiceTests ./ts-service-test -v -sg CryptoKeyDerivationServicePackedcTests ./ts-service-xtest -v -sg CryptoMacServicePackedcTests-t ffa_spmc ./ts-service-test -v -sg CryptoCipherServicePackedcTests ./ts-service-test -v -sg CryptoHashServicePackedcTests ./ts-service-test -v -sg CryptoServiceProtobufTests ./ts-service-test -v -sg CryptoServiceLimitTests ./ts-service-test -v -sg DiscoveryServiceTests ./ts-service-test -v -sg CryptoServicePackedcTests Currently the attestation test fails due the lack of the attestation SP support.