本文详细介绍了ARM Trusted Firmware (ATF) 的作用及其在ARM V8架构中的关键步骤。ATF不仅实现了Trusted Board Boot Requirements (TBBR),还提供Power State Coordination Interface (PSCI)用于电源管理和Linux系统的支持。此外,还探讨了ATF在Secure World与Normal World之间切换的作用。
ATF全称是ARM Trusted Firmware,由ARM公司提供的开源firmware。https://github.com/ARM-software/arm-trusted-firmware.
The ARM Trusted Firmware implements a subset of the Trusted Board Boot Requirements (TBBR) Platform Design Document (PDD) for ARM reference platforms.
The ARM Trusted Firmware also implements the Power State Coordination Interface (PSCI) PDD as a runtime service. PSCI is the interface from normal world software to firmware implementing power management use-cases (for example, secondary CPU boot, hotplug and idle). Normal world software can access ARM Trusted Firmware runtime services via the ARM SMC (Secure Monitor Call) instruction. The SMC instruction must be used as mandated by the SMC Calling Convention PDD .
The cold boot path in this implementation of the ARM Trusted Firmware is divided into five steps (in order of execution):
Trusted Firmware has 5 steps which are called as BL1, BL2, BL3-1, BL3-2, and BL3-3. BL(Boot Loader)
- Boot Loader stage 1 (BL1) AP Trusted ROM
- Boot Loader stage 2 (BL2) Trusted Boot Firmware
- Boot Loader stage 3-1 (BL3-1) EL3 Runtime Firmware
- Boot Loader stage 3-2 (BL3-2) Secure-EL1 Payload (optional)
- Boot Loader stage 3-3 (BL3-3) Non-trusted Firmware。e.g.: uboot
The ARM Fixed Virtual Platforms (FVPs) provide trusted ROM, trusted SRAM and trusted DRAM regions.
The ARM FVPs implement a simple power controller at 0x1c100000.
The PSYS register (0x10) is used to distinguish between a cold and warm boot. This information is contained in the PSYS.WK[25:24] field.
参考:
启用ATF
‘select ARM64_USE_ARM_TRUSTED_FIRMWARE’ in your Kconfig.
ARM v7中并没有ATF。
在ARM V8架构中Secure World与Normal World之间的切换是有ATF中的bl31来完成,而在切换过程中进入到TEE OS的则是通过bl31中的SPD机制来实现的。也即是ATF中的bl31提供了SPD机制,允许各种TEE solution将自己的线程向量表注册到bl31中,当需要从normal world切换到TEE中时,通过触发smc操作进入ARMv8中的EL3运行Bl31代码,然后在bl31中通过SPD查找到注册的线程向量表进入到TEE中。
但是在ARMv8中各家厂商都在使用ATF,而且在secure boot阶段,TEE image也是有ATF来加载而不再是有bootloader来完成
TrustZone与OP-TEE通常在手机安全和可信应用的话题里提到。
为什么要用ATF
Coreboot for ARMv8 has 2 options to pass an execution from it to a payload. The first is passing execution to a payload directly and the second one is passing to the BL3-1 code before a payload. You always don’t have to use Trusted Firmware. However, you need to enable Trusted Firmware if you want to run Linux because it expects to work with PSCI. PSCI is an abbreviation of Power State Coordination Interface which is a standard interface for power management that can be used by OS vendors for supervisory software working at different levels of privilege on an ARM device. Coreboot doesn’t have the setup for PSCI but Trusted Firmware does.
扫一扫
638
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
