From patchwork Mon Feb 26 12:36:02 2018
From: Bryan O'Donoghue
To: u-boot@lists.denx.de, trini@konsulko.com, harinarayan@ti.com, afd@ti.com, kever.yang@rock-chips.com, philipp.tomsich@theobroma-systems.com, peng.fan@nxp.com
Date: Mon, 26 Feb 2018 12:36:02 +0000
Message-Id: <1519648566-12061-9-git-send-email-bryan.odonoghue@linaro.org>
In-Reply-To: <1519648566-12061-1-git-send-email-bryan.odonoghue@linaro.org>
References: <1519648566-12061-1-git-send-email-bryan.odonoghue@linaro.org>
Subject: [U-Boot] [PATCH v4 08/12] doc: TEE: Add documentation describing TEE in u-boot

This patch adds a brief description of TEE in u-boot. It gives a basic introduction, a description of image generation with mkimage, plus the various ways u-boot can install or chainload a TEE.

Methods covered in this patch are:

- tee-standalone
  This is the method where u-boot loads a TEE into an area of DRAM or SRAM, hands off control to a ROM callback or jumps into the TEE itself and then, once the TEE is installed, returns control to u-boot.

- tee-bootable
  This is the method where u-boot chain-loads the TEE. In this case, once u-boot hands off control to the TEE, execution does not return to u-boot.

Subsequent methods of performing a TEE boot with u-boot may be added over time; for example, "tee-combo" is being discussed.

Signed-off-by: Bryan O'Donoghue
---
 doc/README.trusted-execution-environment | 123 +++++++++++++++++++++++++++++++
 1 file changed, 123 insertions(+)
 create mode 100644 doc/README.trusted-execution-environment

diff --git a/doc/README.trusted-execution-environment b/doc/README.trusted-execution-environment
new file mode 100644
index 0000000..12bf615
--- /dev/null
+++ b/doc/README.trusted-execution-environment
@@ -0,0 +1,123 @@ +Trusted Execution Environment +============================= + +Overview +-------- +Trusted Execution Environment (TEE) specifies a secure mode of execution of a +processor. The TEE provides an isolted environment that runs in parallel to the +rich execution environment meaning an environment such as a Linux based +operating system. + +TEE may provide access to crypto keys or other pieces of secure silicon that are +not available to the rich execution environment or TEE implementations may +reside in secure sections of memory only accessible when running in a TEE +context. + +The TEE specification is available here: +https://www.globalplatform.org/specificationsdevice.asp + +In u-boot currently all TEE versions supported are based on the Open Portable +Trusted Execution Environment project. OP-TEE is an open source implementation +of a TEE. + +See https://www.op-tee.org/ for more details. + +Supported TEE methods +--------------------- + +In u-boot there are two means of installing a TEE + +- Installing a TEE (tee-standalone) + + In this case u-boot is responsible for loading the TEE into memory, jumping + into the TEE and subsequently handling return of control back to u-boot. + + u-boot then is responsible to load and boot a kernel and DTB in the normal + way. + + BootROM/SPL + | + v + u-boot ----> + TEE + u-boot <---- + | + v + Linux + +- Chainloading via a TEE (tee-bootable) + + In this case u-boot is responsible for loading the TEE into memory and handing + control to the TEE. The TEE then will enter into secure mode boot-strap itself + and hand control onto a subsequent boot stage - typically a Linux kernel. + + When chain-loading in this way u-boot is reponsible for loading bootscripts, + Kernel, DTB etc into memory. 
+ + BootROM/SPL + | + v + u-boot + | + v + TEE + | + v + Linux + +Creating a TEE image with mkimage +--------------------------------- + +- "tee" (tee-standalone) + + To identify this type of image to u-boot you should use mkimage like this: + + mkimage -A arm -T tee -C none -d tee-image.bin uTee-standalone + +- "tee-bootable" + + mkimage -A arm -T tee-bootable -C none -d tee.bin uTee-bootable + +Booting the image types +----------------------- + +- tee-standalone + + For a standalone TEE image you should create or reuse an existing board-port + and install the TEE into memory in the appropriate way for your architecture. + + Some TEE implementations may reside in a special SRAM area or have special + ROM callbacks in order to setup the TEE correctly. + + eg: + board/company/board_name.c + + void board_tee_image_process(ulong tee_image, size_t tee_size) + { + /* Install TEE into memory as approrpiate here */ + } + + U_BOOT_FIT_LOADABLE_HANDLER(IH_TYPE_TEE, board_tee_image_process); + +- tee-bootable + + For a bootable TEE image you need to load the TEE into an appropriate address + in DRAM. + + Once done use the bootm command to execute the image. + + eg: + => ext4load mmc 0:1 /lib/firmware/uTee-bootable 0x84000000 + => bootm 0x84000000 + + ## Booting kernel from Legacy Image at 84000000 ... + Image Name: + Image Type: ARM Linux Trusted Execution Environment Bootable Image (uncompressed) + Data Size: 249844 Bytes = 244 KiB + Load Address: 9dffffe4 + Entry Point: 9e000000 + Verifying Checksum ... OK + ## Flattened Device Tree blob at 83000000 + Booting using the fdt blob at 0x83000000 + Loading Trusted Execution Environment Bootable Image ... OK + Using Device Tree in place at 83000000, end 83009b4d
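Review bot: the tee-bootable mkimage example (`mkimage -A arm -T tee-bootable -C none -d tee.bin uTee-bootable`) passes no load or entry address, yet the bootm transcript in the "Booting the image types" section reports `Load Address: 9dffffe4` and `Entry Point: 9e000000`; since bootm jumps to the entry point recorded in the image header when chain-loading, the example should include `-a` and `-e` (or explain where those addresses come from), otherwise a reader following the doc builds an image whose header records no usable addresses. In the same transcript the only verification shown is `Verifying Checksum ... OK`, which for a legacy image is a CRC integrity check and not an authentication of the TEE; because the TEE becomes the trust anchor for everything booted after it, one sentence saying that the checksum does not establish authenticity and pointing boards that need an authenticated boot at the FIT signature documentation (doc/uImage.FIT/signature.txt) would stop readers from reading that line as "the image was verified". Smaller points: "isolted" in the Overview, "reponsible" in the tee-bootable paragraph and "approrpiate" in the `board_tee_image_process` comment are typos; the two mkimage examples name their input `tee-image.bin` and `tee.bin` respectively, which reads as two different files; the Overview describes a TEE as "a secure mode of execution of a processor" while the next sentence correctly calls it an isolated environment, so the first sentence should say environment; and "rich execution environment meaning an environment such as a Linux based operating system" would read better as "rich execution environment, i.e. a normal operating system such as Linux".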