TrustZone Technology Support in Zynq-7000 All …

Rust OP-TEE TrustZone SDK. Mingshen Sun, Baidu X-Lab. RustCon Asia, Beijing, April 2019.

The TrustZone Address Space Controller (TZASC) is a programmable unit that lets you configure memory regions of selected peripherals with different access rights for Secure and Non-secure AXI transactions. The TZASC register map occupies 4 KB of address space.

TrustZone is a System-on-Chip and CPU system-wide security solution, available on today's Arm application processors and present in the new generation of Arm microcontrollers, which are expected to dominate the market of smart "things." TrustZone is gaining popularity and has been used in various scenarios to protect security-critical data and to enhance the security of the normal world. Secure Storage and Credential Protection: the isolation property of TrustZone makes it an ideal choice for storing a user's secret data, e.g., private keys, passwords, credit card

The Qualcomm TrustZone (TEE) image can be dumped directly from a block device under /dev/block, whereas the Trustonic one must be recovered by reversing sboot (the Samsung bootloader), for example.

Weaknesses in TrustZone hardening. Hardening the TrustZone software is crucial for obtaining good security properties: it slows down both reverse engineering and exploitation.
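The access decision that the TZASC description above refers to, as an added example that is not code from this page, from Xilinx, or from any vendor: a C model of region matching and Secure/Non-secure permission checking. It assumes TZC-380-style semantics (a background region 0 covering the whole address space, up to 16 regions, the highest-numbered matching region taking priority on overlap, and a four-bit permission field for Secure read/write and Non-secure read/write). The DDR layout, region numbers and sizes are constructed for illustration and do not describe a real board or the Zynq-7000 TZASC register interface.

```c
/* Added example: a software model of TZASC access decisions.
 * Assumption: TZC-380-style semantics (region 0 = background over the whole
 * address space, up to 16 regions, highest-numbered matching region wins).
 * Not the Zynq-7000 register interface; addresses below are constructed. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define TZASC_MAX_REGIONS 16

/* Per-region permission bits (assumed layout of the TZC-380 "sp" field). */
enum {
    PERM_NS_W  = 1u << 0,  /* Non-secure write */
    PERM_NS_R  = 1u << 1,  /* Non-secure read  */
    PERM_S_W   = 1u << 2,  /* Secure write     */
    PERM_S_R   = 1u << 3,  /* Secure read      */
    PERM_S_RW  = PERM_S_R | PERM_S_W,
    PERM_NS_RW = PERM_NS_R | PERM_NS_W,
};

struct tzasc_region { bool enabled; uint64_t base; uint64_t size; uint8_t perm; };
struct tzasc        { struct tzasc_region region[TZASC_MAX_REGIONS]; };

/* One AXI transaction as the controller sees it: address, direction, and
 * the NS attribute carried on AxPROT[1] (1 = Non-secure, 0 = Secure). */
struct axi_txn { uint64_t addr; bool write; bool ns; };

/* Reset the controller: region 0 covers [0, addr_space_size) with bg_perm. */
void tzasc_init(struct tzasc *tz, uint64_t addr_space_size, uint8_t bg_perm)
{
    for (unsigned i = 0; i < TZASC_MAX_REGIONS; i++)
        tz->region[i] = (struct tzasc_region){ false, 0, 0, 0 };
    tz->region[0] = (struct tzasc_region){ true, 0, addr_space_size, bg_perm };
}

/* Program region idx (1..15). Rejects region 0, empty regions and wrap-around. */
int tzasc_set_region(struct tzasc *tz, unsigned idx,
                     uint64_t base, uint64_t size, uint8_t perm)
{
    if (idx == 0 || idx >= TZASC_MAX_REGIONS) return -1;
    if (size == 0 || base > UINT64_MAX - (size - 1)) return -1;
    tz->region[idx] = (struct tzasc_region){ true, base, size, perm };
    return 0;
}

static bool region_contains(const struct tzasc_region *r, uint64_t addr)
{
    return r->enabled && addr >= r->base && addr - r->base < r->size;
}

/* Access decision: the highest-numbered enabled region containing the
 * address decides; the bit matching (NS, read/write) must then be set. */
bool tzasc_allows(const struct tzasc *tz, const struct axi_txn *t)
{
    for (int i = TZASC_MAX_REGIONS - 1; i >= 0; i--) {
        const struct tzasc_region *r = &tz->region[i];
        if (!region_contains(r, t->addr)) continue;
        uint8_t need = t->ns ? (t->write ? PERM_NS_W : PERM_NS_R)
                             : (t->write ? PERM_S_W  : PERM_S_R);
        return (r->perm & need) != 0;
    }
    return false;  /* unreachable while region 0 is enabled */
}

/* Constructed 1 GiB DDR layout (illustrative, not a real board): a shared
 * Non-secure window with a 1 MiB TEE carve-out inside it. */
#define DDR_SIZE    (1ull << 30)
#define SHARED_BASE 0x10000000ull
#define SHARED_SIZE 0x30000000ull
#define TEE_BASE    0x20000000ull
#define TEE_SIZE    0x00100000ull

/* tee_region_higher selects which region number the carve-out gets. */
void build_map(struct tzasc *tz, bool tee_region_higher)
{
    unsigned shared = tee_region_higher ? 1 : 2;
    unsigned tee    = tee_region_higher ? 2 : 1;
    tzasc_init(tz, DDR_SIZE, PERM_S_RW);               /* background: Secure only */
    tzasc_set_region(tz, shared, SHARED_BASE, SHARED_SIZE, PERM_S_RW | PERM_NS_RW);
    tzasc_set_region(tz, tee,    TEE_BASE,    TEE_SIZE,    PERM_S_RW);
}

bool ns_read_allowed(const struct tzasc *tz, uint64_t addr)
{
    struct axi_txn t = { addr, false, true };
    return tzasc_allows(tz, &t);
}

int main(void)
{
    struct tzasc tz;
    build_map(&tz, true);
    printf("carve-out in higher region: NS read of TEE memory %s\n",
           ns_read_allowed(&tz, TEE_BASE) ? "ALLOWED" : "denied");
    build_map(&tz, false);
    printf("carve-out in lower region:  NS read of TEE memory %s\n",
           ns_read_allowed(&tz, TEE_BASE) ? "ALLOWED (misconfiguration)" : "denied");
    return 0;
}
```

The two layouts in build_map make the priority rule concrete: the same TEE carve-out is enforced when it sits in a higher-numbered region than the Non-secure shared window, and silently leaks when the numbering is reversed, because the Non-secure window then wins the overlap. Reviewing a TZASC configuration therefore means checking region order as well as permission bits.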

Presentation outline: Current state of embedded security; Introduction to the ARM Trust…

ARM TrustZone: transition management. Switching between the Normal and Secure domains goes through the Monitor, a gatekeeper that controls migration between the Normal and Secure worlds. The Normal world has both a user mode and privileged modes, and so does the Secure world; secure device drivers typically run in user mode. The NS bit cannot be switched from user mode (it lives in the Secure Configuration Register and is only writable in Monitor mode), so software requests a world switch with the Secure Monitor Call (SMC) instruction.

Support for TrustZone Technology in the Zynq-7000 AP SoC. WP429 (v1.0), May 20, 2014, www.xilinx.com.

TrustZone Support in the Zynq-7000 AP SoC Processing System. Each of the ARM processor cores in the Zynq-7000 AP SoC PS domain provides a separate NS bit configuration for Secure/Non-Secure mode selection. The NS bit is

RESEARCH ON ARM TRUSTZONE
